Back to search
CVE-2012-2337
Published: May 18, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=820677
x_refsource_CONFIRM
49219
third-party-advisory
x_refsource_SECUNIA
49948
third-party-advisory
x_refsource_SECUNIA
49244
third-party-advisory
x_refsource_SECUNIA
MDVSA-2012:079
vendor-advisory
x_refsource_MANDRIVA
49291
third-party-advisory
x_refsource_SECUNIA
DSA-2478
vendor-advisory
x_refsource_DEBIAN
1027077
vdb-entry
x_refsource_SECTRACK
https://www.suse.com/security/cve/CVE-2012-2337/
x_refsource_MISC
FEDORA-2012-7998
vendor-advisory
x_refsource_FEDORA
http://www.sudo.ws/sudo/alerts/netmask.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now