Back to search
CVE-2016-7091
Published: Dec 22, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92615
vdb-entry
x_refsource_BID
RHSA-2016:2593
vendor-advisory
x_refsource_REDHAT
[Bug-readline] 20160524 INPUTRC issues
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now