Security Advisory

CVE-2009-0034

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-01-30 19:00:00

Last updated 2024-08-07 04:17:10

Assigner redhat

State PUBLISHED

Description

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

← Browse all CVEs View on cve.org ↗