CVE-2016-7032

NONE EPSS 25.7%
Published Apr 14, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Apr 14, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.

Threat Intelligence

EPSS Exploit Probability
25.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-284

Affected Products 28

VendorProductVersionRange
todd_millersudo1.6.8any
todd_millersudo1.6.9any
todd_millersudo1.7.0any
todd_millersudo1.7.1any
todd_millersudo1.7.2any
todd_millersudo1.7.3any
todd_millersudo1.7.4any
todd_millersudo1.7.5any
todd_millersudo1.7.6any
todd_millersudo1.7.7any
todd_millersudo1.7.8any
todd_millersudo1.7.9any
todd_millersudo1.7.10any
todd_millersudo1.8.0any
todd_millersudo1.8.1any
todd_millersudo1.8.2any
todd_millersudo1.8.3any
todd_millersudo1.8.4any
todd_millersudo1.8.5any
todd_millersudo1.8.6any
todd_millersudo1.8.7any
todd_millersudo1.8.8any
todd_millersudo1.8.9any
todd_millersudo1.8.10any
todd_millersudo1.8.11any
todd_millersudo1.8.12any
todd_millersudo1.8.13any
todd_millersudo1.8.14any

References 5

  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-2872.html
  • securityfocus.com http://www.securityfocus.com/bid/95776
    Third Party AdvisoryVDB Entry
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1372830
    Issue TrackingThird Party AdvisoryVDB Entry
  • usn.ubuntu.com https://usn.ubuntu.com/3968-3/
  • sudo.ws https://www.sudo.ws/alerts/noexec_bypass.html

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.