CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
Configurations

Configuration 1 (hide)

cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-11-17 15:59

Updated : 2024-02-28 15:21


NVD link : CVE-2015-5602

Mitre link : CVE-2015-5602

CVE.ORG link : CVE-2015-5602


JSON object : View

Products Affected

sudo_project

  • sudo
CWE
CWE-264

Permissions, Privileges, and Access Controls