Vulnerabilities

CVE-2012-2337

by Fred · 18/05/2012

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.

Date published : 2012-05-18

http://www.sudo.ws/sudo/alerts/netmask.html

https://bugzilla.redhat.com/show_bug.cgi?id=820677

Similar

Tags: Cybersecurity Alert