CVE-2010-0427

Priority
Description
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not
properly set group memberships, which allows local users to gain privileges
via a sudo command.
Assigned-to
jdstrand
Notes
jdstrandgroup privilege escalation, but requires non-default configuration.
This only affects 1.6 and not 1.7
Dapper (1.6.8) is not affected
Package
Source: sudo (LP Ubuntu Debian)
Upstream:released (1.6.9p21)
Patches:
Upstream:http://sudo.ws/repos/sudo/rev/aa0b6c01c462
More Information

Updated: 2020-03-18 22:02:31 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)