Security News > 2017 > June > High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges (The Hackers News)

High-Severity Linux Sudo Flaw Allows Users to Gain Root Privileges (The Hackers News)
2017-06-01 01:28

A high-severity vulnerability has been reported in Linux that could be exploited by a low privilege attacker to gain full root access on an affected system. The vulnerability, identified as CVE-2017-1000367, was discovered by researchers at Qualys Security in Sudo's "get_process_ttyname()" function for Linux that could allow a user with Sudo privileges to run commands as root or elevate


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/8Jh09X-8hBI/linux-sudo-root-hack.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2017-06-05 CVE-2017-1000367 Race Condition vulnerability in Sudo Project Sudo
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
local
high complexity
sudo-project CWE-362
6.4

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232