Back to search
CVE-2009-0034
Published: Jan 30, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33885
third-party-advisory
x_refsource_SECUNIA
51736
vdb-entry
x_refsource_OSVDB
35766
third-party-advisory
x_refsource_SECUNIA
1021688
vdb-entry
x_refsource_SECTRACK
33517
vdb-entry
x_refsource_BID
https://issues.rpath.com/browse/RPL-2954
x_refsource_CONFIRM
MDVSA-2009:033
vendor-advisory
x_refsource_MANDRIVA
ADV-2009-1865
vdb-entry
x_refsource_VUPEN
33753
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:0267
vendor-advisory
x_refsource_REDHAT
[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
mailing-list
x_refsource_MLIST
20090129 rPSA-2009-0021-1 sudo
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:6462
vdb-entry
signature
x_refsource_OVAL
33840
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2009-0021
x_refsource_CONFIRM
20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:10856
vdb-entry
signature
x_refsource_OVAL
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=327
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2009-0009.html
x_refsource_CONFIRM
https://bugzilla.novell.com/show_bug.cgi?id=468923
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now