Privilege Escalation Vulnerability in Sudo Product by Sudo Project
CVE-2015-5602

Currently unrated

Key Information:

Vendor
Sudo Project
Status
Sudo
Vendor
CVE Published:
17 November 2015

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A vulnerability in the Sudo command-line utility prior to version 1.8.15 permits local users to exploit a symlink attack. This is executed through a file referenced in the /etc/sudoers configuration where wildcards are unabatedly utilized in defining paths. An attacker may leverage this weakness to gain elevated privileges on the system, potentially compromising its security and integrity. Mitigating this risk necessitates updating to the latest version of Sudo or configuring the /etc/sudoers file to avoid the use of wildcard characters.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

privesc-CVE-2015-5602
Created by t0kx

cve-2015-5602
Created by cved-sources

References

http://bugzilla.sudo.ws/show_bug.cgi?id=707
x_refsource_CONFIRM
http://www.sudo.ws/stable.html#1.8.15
x_refsource_CONFIRM
http://www.securitytracker.com/id/1034392
vdb-entryx_refsource_SECTRACK

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.