Oval Definition:oval:com.redhat.rhsa:def:20090267
Revision Date:2009-02-05Version:638
Title:RHSA-2009:0267: sudo security update (Moderate)
Description:The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root with logging.

  • A flaw was discovered in a way sudo handled group specifications in "run as" lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands with the privileges of any system user. This gave the user unintended privileges. (CVE-2009-0034)

    Users of sudo should update to this updated package, which contains a backported patch to resolve this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-0034
    RHSA-2009:0267
    RHSA-2009:0267-01
    RHSA-2009:0267-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND sudo is earlier than 0:1.6.9p17-3.el5_3.1
  • AND sudo is signed with Red Hat redhatrelease2 key
    • BACK