Privilege Escalation Vulnerability in Sudo Product by Sudo Project
CVE-2015-5602

Currently unrated

Key Information:

Vendor: Sudo Project
Status: Sudo
Vendor: CVE Published:; 17 November 2015

🔔 Create Sudo Project Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2015-5602?

A vulnerability in the Sudo command-line utility prior to version 1.8.15 permits local users to exploit a symlink attack. This is executed through a file referenced in the /etc/sudoers configuration where wildcards are unabatedly utilized in defining paths. An attacker may leverage this weakness to gain elevated privileges on the system, potentially compromising its security and integrity. Mitigating this risk necessitates updating to the latest version of Sudo or configuring the /etc/sudoers file to avoid the use of wildcard characters.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

privesc-CVE-2015-5602
Created by t0kx

cve-2015-5602
Created by cved-sources

References

http://bugzilla.sudo.ws/show_bug.cgi?id=707

x_refsource_CONFIRM

http://www.sudo.ws/stable.html#1.8.15

x_refsource_CONFIRM

http://www.securitytracker.com/id/1034392

vdb-entryx_refsource_SECTRACK

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jan 6, 2019
👾
Exploit known to exist
Jan 6, 2019
Vulnerability published
Nov 17, 2015
Vulnerability Reserved
Jul 20, 2015