New Search

sudo Symlink Vulnerability

oval:org.mitre.oval:def:1242

Race condition in sudo 1.3.1 up to 1.6.8p8 when the ALL pseudo-command is used after a user entry in the sudoers file allows local users to gain privileges via a symlink attack.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-1993
Product(s):
  • sudo