CVE-2010-2956medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://secunia.com/advisories/40508
http://secunia.com/advisories/41316
http://secunia.com/advisories/42787
http://security.gentoo.org/glsa/glsa-201009-03.xml
http://wiki.rpath.com/Advisories:rPSA-2010-0075
http://www.mandriva.com/security/advisories?name=MDVSA-2010:175
http://www.redhat.com/support/errata/RHSA-2010-0675.html
http://www.securityfocus.com/archive/1/514489/100/0/threaded
http://www.securityfocus.com/archive/1/515545/100/0/threaded
http://www.securityfocus.com/bid/43019
http://www.securitytracker.com/id?1024392
http://www.sudo.ws/sudo/alerts/runas_group.html
http://www.ubuntu.com/usn/USN-983-1
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
http://www.vupen.com/english/advisories/2010/2312
http://www.vupen.com/english/advisories/2010/2318
http://www.vupen.com/english/advisories/2010/2320
http://www.vupen.com/english/advisories/2010/2358
Details
Source: MITRE
Published: 2010-09-10
Updated: 2018-10-10
Type: NVD-CWE-Other
Risk Information
CVSS v2
Base Score: 6.2
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 1.9
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 147406 | NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001) | Nessus | NewStart CGSL Local Security Checks | high |
| 89673 | VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0001) (remote check) | Nessus | Misc. | high |
| 75750 | openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1) | Nessus | SuSE Local Security Checks | medium |
| 68093 | Oracle Linux 5 : sudo (ELSA-2010-0675) | Nessus | Oracle Linux Local Security Checks | medium |
| 60854 | Scientific Linux Security Update : sudo on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 51422 | VMSA-2011-0001 : VMware ESX third-party updates for Service Console packages glibc, sudo, and openldap | Nessus | VMware ESX Local Security Checks | high |
| 49721 | Fedora 12 : sudo-1.7.4p4-2.fc12 (2010-14996) | Nessus | Fedora Local Security Checks | medium |
| 49240 | Fedora 14 : sudo-1.7.4p4-1.fc14 (2010-14184) | Nessus | Fedora Local Security Checks | medium |
| 49230 | Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2010-257-02) | Nessus | Slackware Local Security Checks | medium |
| 49205 | Mandriva Linux Security Advisory : sudo (MDVSA-2010:175) | Nessus | Mandriva Local Security Checks | medium |
| 49203 | CentOS 5 : sudo (CESA-2010:0675) | Nessus | CentOS Local Security Checks | medium |
| 49197 | Fedora 13 : sudo-1.7.4p4-1.fc13 (2010-14355) | Nessus | Fedora Local Security Checks | medium |
| 49168 | openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1) | Nessus | SuSE Local Security Checks | medium |
| 49140 | Ubuntu 9.10 / 10.04 LTS : sudo vulnerability (USN-983-1) | Nessus | Ubuntu Local Security Checks | medium |
| 49128 | RHEL 5 : sudo (RHSA-2010:0675) | Nessus | Red Hat Local Security Checks | medium |
| 49124 | GLSA-201009-03 : sudo: Privilege Escalation | Nessus | Gentoo Local Security Checks | medium |
| 49123 | FreeBSD : sudo -- Flaw in Runas group matching (67b514c3-ba8f-11df-8f6e-000c29a67389) | Nessus | FreeBSD Local Security Checks | medium |