What is the severity of REDHAT-BUG-668843?

The severity of REDHAT-BUG-668843 is classified as important due to its potential impact on group membership checks.

How do I fix REDHAT-BUG-668843?

To fix REDHAT-BUG-668843, you should update your sudo package to the latest version that addresses this issue.

What versions of sudo are affected by REDHAT-BUG-668843?

REDHAT-BUG-668843 affects sudo versions prior to 1.7.3.

What are the implications of not fixing REDHAT-BUG-668843?

Not fixing REDHAT-BUG-668843 may lead to unauthorized access due to incorrect group membership determination.

Where can I find more details on REDHAT-BUG-668843?

More details on REDHAT-BUG-668843 can be found in the Red Hat bug tracking system.

Vulnerability/
REDHAT-BUG-668843

medium

11/1/2011

24/2/2021

REDHAT-BUG-668843

First published: Tue Jan 11 2011(Updated: )

Due to upstream changes in how sudo 1.7.3 handles group membership checks, the patch used to correct <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED RAWHIDE - sudo can't always correctly determine group membership" href="show_bug.cgi?id=235915">bug #235915</a> (sudo can't always correctly determine group memberships) was incorrectly rediffed, making sudo in Fedora once again vulnerable to <a href="https://access.redhat.com/security/cve/CVE-2009-0034">CVE-2009-0034</a> (incorrect handling of groups in Runas_User). Statement: Not vulnerable. This issue did not affect the versions of sudo as shipped with Red Hat Enterprise Linux 4, 5, or 6.

Affected Software	Affected Version	How to fix
CentOS Sudo	>1.7.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of REDHAT-BUG-668843?
The severity of REDHAT-BUG-668843 is classified as important due to its potential impact on group membership checks.
How do I fix REDHAT-BUG-668843?
To fix REDHAT-BUG-668843, you should update your sudo package to the latest version that addresses this issue.
What versions of sudo are affected by REDHAT-BUG-668843?
REDHAT-BUG-668843 affects sudo versions prior to 1.7.3.
What are the implications of not fixing REDHAT-BUG-668843?
Not fixing REDHAT-BUG-668843 may lead to unauthorized access due to incorrect group membership determination.
Where can I find more details on REDHAT-BUG-668843?
More details on REDHAT-BUG-668843 can be found in the Red Hat bug tracking system.

agent/type
agent/first-publish-date
agent/last-modified-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2011-0008
agent/references
agent/severity
agent/event
agent/description
agent/trending
agent/source
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/sudo
canonical/centos sudo

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.