CVE-2015-8239

Published: Oct 10, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.sudo.ws/repos/sudo/rev/397722cdd7ec

x_refsource_CONFIRM

https://www.sudo.ws/repos/sudo/rev/0cd3cc8fa195

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1283635

x_refsource_CONFIRM

[oss-security] 20151118 Re: race condition checking digests/checksums in sudoers

mailing-list

x_refsource_MLIST

https://www.sudo.ws/repos/sudo/rev/24a3d9215c64

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-8239

Description

Affected Products

References