CVE-2012-2337
Published May 18, 2012
Last updated 7 years ago
Overview
- Description
- sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EF4CB38-4033-46A1-9155-DC348261CAEE"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5DFC86C-7743-4F27-BC10-170F04C23D7B"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55799ECB-CEB1-4839-8053-4C1F071D1526"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2170CFD0-2594-45FB-B68F-0A75114F00A8"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "294FC65B-4225-475A-B49A-758823CEDECD"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6156B085-AA17-458C-AED1-D658275E43B9"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85AA3DDA-BEC4-422D-8542-3FF5C6F5FA38"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD3604EC-3109-41AF-9068-60C639557BEC"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE103608-6BCB-4EC0-8EB1-110A80829592"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F03EF9C-D90D-425E-AC35-8DD02B7C03F2"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AC8D478-8554-4947-926A-8B1B27DD122D"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64435258-4639-438E-825F-E6AA82D41745"
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C33BC128-A782-465A-8AF0-860EBC8388EB"
}
],
"operator": "OR"
}
]
}
]