Home / vulnerabilities glsa-200902-01.txt
Posted on 07 February 2009
Source : packetstormsecurity.org Link
Gentoo Linux Security Advisory GLSA 200902-01 - A vulnerability in sudo may allow for privilege escalation. Harald Koenig discovered that sudo incorrectly handles group specifications in Runas_Alias (and related) entries when a group is specified in the list (using %group syntax, to allow a user to run commands as any member of that group) and the user is already a member of that group. Versions less than 1.7.0 are affected.
