CVE Vulnerabilities

CVE-2012-2337

Published: May 18, 2012 | Modified: Jan 05, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.

Affected Software

Name Vendor Start Version End Version
Sudo Todd_miller 1.6.6 1.6.6
Sudo Todd_miller 1.6.3 1.6.3
Sudo Todd_miller 1.6.1 1.6.1
Sudo Todd_miller 1.6.9p20 1.6.9p20
Sudo Todd_miller 1.6.2 1.6.2
Sudo Todd_miller 1.6.9p22 1.6.9p22
Sudo Todd_miller 1.6.8 1.6.8
Sudo Todd_miller 1.6.5 1.6.5
Sudo Todd_miller 1.6.9 1.6.9
Sudo Todd_miller 1.6.3_p7 1.6.3_p7
Sudo Todd_miller 1.6.7p5 1.6.7p5
Sudo Todd_miller 1.6.9p23 1.6.9p23
Sudo Todd_miller 1.6 1.6
Sudo Todd_miller 1.6.4 1.6.4
Sudo Todd_miller 1.6.9p21 1.6.9p21
Sudo Todd_miller 1.6.7 1.6.7
Sudo Todd_miller 1.6.8p12 1.6.8p12
Sudo Todd_miller 1.6.4p2 1.6.4p2
Sudo Todd_miller 1.6.2p3 1.6.2p3

References