CVE-2016-7032

Sažetak

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

Reference

http://rhn.redhat.com/errata/RHSA-2016-2872.html
http://www.securityfocus.com/bid/95776
https://bugzilla.redhat.com/show_bug.cgi?id=1372830
https://usn.ubuntu.com/3968-3/
https://www.sudo.ws/alerts/noexec_bypass.html

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-09-2020 - 18:15

Objavljeno

14-04-2017 - 18:59