CVE-2010-0427

Priority
Description
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not
properly set group memberships, which allows local users to gain privileges
via a sudo command.
Notes
 jdstrand> group privilege escalation, but requires non-default configuration.
  This only affects 1.6 and not 1.7
 jdstrand> Dapper (1.6.8) is not affected
Assigned-to
jdstrand
Package
Source: sudo (LP Ubuntu Debian)
Upstream:released (1.6.9p21)
Patches:
Upstream:http://sudo.ws/repos/sudo/rev/aa0b6c01c462
More Information

Updated: 2019-03-19 11:52:25 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)