[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

241641

 
 

909

 
 

192372

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

sudo: arbitrary file write with privileges of the RunAs user - CVE-2023-22809

ID: oval:org.secpod.oval:def:86996Date: (C)2023-01-19   (M)2024-02-06
Class: VULNERABILITYFamily: unix




A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a file using sudoedit.

Platform:
Fedora 36
Fedora 37
Product:
sudo
Reference:
CVE-2023-22809
CVE    1
CVE-2023-22809
CPE    2
cpe:/a:todd_miller:sudo
cpe:/o:fedora_project:fedora:36

© SecPod Technologies