Vulnerabilities

CVE-2018-10852

by Fred · 26/06/2018

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.

Date published : 2018-06-26

http://www.securityfocus.com/bid/104547

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10852

Similar

Tags: Cybersecurity Alert