| Revision Date: | 2005-06-29 | Version: | 505 |
| Title: | RHSA-2005:535: sudo security update (Moderate) |
| Description: | The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root with logging.
A race condition bug was found in the way sudo handles pathnames. It is possible that a local user with limited sudo access could create a race condition that would allow the execution of arbitrary commands as the root user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1993 to this issue.
Users of sudo should update to this updated package, which contains a backported patch and is not vulnerable to this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-1993
RHSA-2005:535-04
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND sudo is earlier than 0:1.6.7p5-1.1
AND sudo is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND sudo is earlier than 0:1.6.7p5-30.1.1
AND sudo is signed with Red Hat master key
|