PT-2001-2372 · Engarde · Engarde Secure Linux

Published

2001-07-11

Updated

2008-09-05

CVE-2001-1240

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Engarde Secure Linux version 1.0.1

Description The default configuration of sudo in Engarde Secure Linux allows any user in the admin group to run certain commands that could be leveraged to gain full root access.

Recommendations For Engarde Secure Linux version 1.0.1, consider restricting the privileges of the admin group to prevent unauthorized access to sensitive commands until a proper configuration or patch is available. As a temporary workaround, review and modify the sudo configuration to limit the commands that can be executed by the admin group.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1240

Affected Products

Engarde Secure Linux

PT-2001-2372 · Engarde · Engarde Secure Linux

CVE-2001-1240

Related Identifiers

Affected Products

References · 2