CVE-2015-5602

Publication date

2015-11-17 15:00:00

Family

mitre

State

PUBLISHED

Description

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."