CVE-2016-7076

Published: May 29, 2018

Modified: Aug 6, 2024

PUBLISHED

CVSS v3.0: 6.4 (MEDIUM)

Description

sudo before version 1.8.18p1 is vulnerable to a bypass of the sudo noexec restriction if an application run via sudo executes the wordexp() C library function with a user-supplied argument. A local user permitted to run such an application via sudo with the noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

Vendor, Product, Versions

Vendor: [UNKNOWN]
Product: sudo
Versions: affected, sudo 1.8.18p1

Weaknesses (CWE)

CVSS v3.0 Details

CVSS v3.0 Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

References

RHSA-2016:2872 (vendor-advisory, x_refsource_REDHAT)
95778 (vdb-entry, x_refsource_BID)
USN-3968-1 (vendor-advisory, x_refsource_UBUNTU)
USN-3968-3 (vendor-advisory, x_refsource_UBUNTU)