← Back

CVE-2012-2337

nvd nist
Published: May 18, 2012Modified: Apr 29, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address.

Affected (19)

Products: Todd Miller: Sudo
Todd Miller
1 product
Sudo
Configuration A
19 vulnerable
Vulnerable SoftwareAffected Versions
Todd Miller
Sudo
Version 1.6.1
Sudo
Version 1.6.2
Sudo
Version 1.6.2p3
Sudo
Version 1.6.3
Sudo
Version 1.6.3_p7
Sudo
Version 1.6.4
Sudo
Version 1.6.4p2
Sudo
Version 1.6.5
Sudo
Version 1.6.6
Sudo
Version 1.6.7
Sudo
Version 1.6.7p5
Sudo
Version 1.6.8
Sudo
Version 1.6.8p12
Sudo
Version 1.6.9
Sudo
Version 1.6.9p20
Sudo
Version 1.6.9p21
Sudo
Version 1.6.9p22
Sudo
Version 1.6.9p23
Sudo
Version 1.6

Related CWEs

CWE-264
CWE-264

References (22)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.