CVE-2011-0008
NONE EPSS 25.2%
Published Jan 20, 201115y ago · Modified Jun 16, 20262w ago
Published Jan 20, 2011 15y ago
Last Modified Jun 16, 2026 2w ago
Description
A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.
Threat Intelligence
EPSS Exploit Probability
25.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 115
| Vendor | Product | Version | Range |
|---|---|---|---|
| todd_miller | sudo | * | ≤1.7.4p5 |
| todd_miller | sudo | 1.3.1 | any |
| todd_miller | sudo | 1.5 | any |
| todd_miller | sudo | 1.5.2 | any |
| todd_miller | sudo | 1.5.3 | any |
| todd_miller | sudo | 1.5.6 | any |
| todd_miller | sudo | 1.5.7 | any |
| todd_miller | sudo | 1.5.8 | any |
| todd_miller | sudo | 1.5.9 | any |
| todd_miller | sudo | 1.6 | any |
| todd_miller | sudo | 1.6.1 | any |
| todd_miller | sudo | 1.6.2 | any |
| todd_miller | sudo | 1.6.2p1 | any |
| todd_miller | sudo | 1.6.2p2 | any |
| todd_miller | sudo | 1.6.2p3 | any |
| todd_miller | sudo | 1.6.3 | any |
| todd_miller | sudo | 1.6.3_p1 | any |
| todd_miller | sudo | 1.6.3_p2 | any |
| todd_miller | sudo | 1.6.3_p3 | any |
| todd_miller | sudo | 1.6.3_p4 | any |
| todd_miller | sudo | 1.6.3_p5 | any |
| todd_miller | sudo | 1.6.3_p6 | any |
| todd_miller | sudo | 1.6.3_p7 | any |
| todd_miller | sudo | 1.6.3p1 | any |
| todd_miller | sudo | 1.6.3p2 | any |
| todd_miller | sudo | 1.6.3p3 | any |
| todd_miller | sudo | 1.6.3p4 | any |
| todd_miller | sudo | 1.6.3p5 | any |
| todd_miller | sudo | 1.6.3p6 | any |
| todd_miller | sudo | 1.6.3p7 | any |
| todd_miller | sudo | 1.6.4 | any |
| todd_miller | sudo | 1.6.4_p1 | any |
| todd_miller | sudo | 1.6.4_p2 | any |
| todd_miller | sudo | 1.6.4p1 | any |
| todd_miller | sudo | 1.6.4p2 | any |
| todd_miller | sudo | 1.6.5 | any |
| todd_miller | sudo | 1.6.5_p1 | any |
| todd_miller | sudo | 1.6.5_p2 | any |
| todd_miller | sudo | 1.6.5p1 | any |
| todd_miller | sudo | 1.6.5p2 | any |
| todd_miller | sudo | 1.6.6 | any |
| todd_miller | sudo | 1.6.7 | any |
| todd_miller | sudo | 1.6.7_p5 | any |
| todd_miller | sudo | 1.6.7p1 | any |
| todd_miller | sudo | 1.6.7p2 | any |
| todd_miller | sudo | 1.6.7p3 | any |
| todd_miller | sudo | 1.6.7p4 | any |
| todd_miller | sudo | 1.6.7p5 | any |
| todd_miller | sudo | 1.6.8 | any |
| todd_miller | sudo | 1.6.8_p1 | any |
| todd_miller | sudo | 1.6.8_p2 | any |
| todd_miller | sudo | 1.6.8_p5 | any |
| todd_miller | sudo | 1.6.8_p7 | any |
| todd_miller | sudo | 1.6.8_p8 | any |
| todd_miller | sudo | 1.6.8_p9 | any |
| todd_miller | sudo | 1.6.8_p12 | any |
| todd_miller | sudo | 1.6.8p1 | any |
| todd_miller | sudo | 1.6.8p2 | any |
| todd_miller | sudo | 1.6.8p3 | any |
| todd_miller | sudo | 1.6.8p4 | any |
| todd_miller | sudo | 1.6.8p5 | any |
| todd_miller | sudo | 1.6.8p6 | any |
| todd_miller | sudo | 1.6.8p7 | any |
| todd_miller | sudo | 1.6.8p8 | any |
| todd_miller | sudo | 1.6.8p9 | any |
| todd_miller | sudo | 1.6.8p10 | any |
| todd_miller | sudo | 1.6.8p11 | any |
| todd_miller | sudo | 1.6.8p12 | any |
| todd_miller | sudo | 1.6.9 | any |
| todd_miller | sudo | 1.6.9_p17 | any |
| todd_miller | sudo | 1.6.9_p18 | any |
| todd_miller | sudo | 1.6.9_p19 | any |
| todd_miller | sudo | 1.6.9_p20 | any |
| todd_miller | sudo | 1.6.9_p21 | any |
| todd_miller | sudo | 1.6.9_p22 | any |
| todd_miller | sudo | 1.6.9p1 | any |
| todd_miller | sudo | 1.6.9p2 | any |
| todd_miller | sudo | 1.6.9p3 | any |
| todd_miller | sudo | 1.6.9p4 | any |
| todd_miller | sudo | 1.6.9p5 | any |
| todd_miller | sudo | 1.6.9p6 | any |
| todd_miller | sudo | 1.6.9p7 | any |
| todd_miller | sudo | 1.6.9p8 | any |
| todd_miller | sudo | 1.6.9p9 | any |
| todd_miller | sudo | 1.6.9p10 | any |
| todd_miller | sudo | 1.6.9p11 | any |
| todd_miller | sudo | 1.6.9p12 | any |
| todd_miller | sudo | 1.6.9p13 | any |
| todd_miller | sudo | 1.6.9p14 | any |
| todd_miller | sudo | 1.6.9p15 | any |
| todd_miller | sudo | 1.6.9p16 | any |
| todd_miller | sudo | 1.6.9p17 | any |
| todd_miller | sudo | 1.6.9p18 | any |
| todd_miller | sudo | 1.6.9p19 | any |
| todd_miller | sudo | 1.6.9p20 | any |
| todd_miller | sudo | 1.6.9p21 | any |
| todd_miller | sudo | 1.6.9p22 | any |
| todd_miller | sudo | 1.6.9p23 | any |
| todd_miller | sudo | 1.7.0 | any |
| todd_miller | sudo | 1.7.1 | any |
| todd_miller | sudo | 1.7.2 | any |
| todd_miller | sudo | 1.7.2p1 | any |
| todd_miller | sudo | 1.7.2p2 | any |
| todd_miller | sudo | 1.7.2p3 | any |
| todd_miller | sudo | 1.7.2p4 | any |
| todd_miller | sudo | 1.7.2p5 | any |
| todd_miller | sudo | 1.7.2p6 | any |
| todd_miller | sudo | 1.7.2p7 | any |
| todd_miller | sudo | 1.7.3b1 | any |
| todd_miller | sudo | 1.7.4 | any |
| todd_miller | sudo | 1.7.4p1 | any |
| todd_miller | sudo | 1.7.4p2 | any |
| todd_miller | sudo | 1.7.4p3 | any |
| todd_miller | sudo | 1.7.4p4 | any |
| redhat | fedora | 14 | any |
References 8
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html
- secunia.com http://secunia.com/advisories/42968
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2011:018
- vupen.com http://www.vupen.com/english/advisories/2011/0195
- vupen.com http://www.vupen.com/english/advisories/2011/0199
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=668843
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/64965
Remediation
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=668843