{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-29T17:06:19.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2016:2872", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.sudo.ws/alerts/noexec_bypass.html"}, {"name": "95776", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95776"}, {"name": "USN-3968-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3968-3/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-7032", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2016:2872", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, {"name": "https://www.sudo.ws/alerts/noexec_bypass.html", "refsource": "CONFIRM", "url": "https://www.sudo.ws/alerts/noexec_bypass.html"}, {"name": "95776", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95776"}, {"name": "USN-3968-3", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3968-3/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:46.837Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2016:2872", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.sudo.ws/alerts/noexec_bypass.html"}, {"name": "95776", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95776"}, {"name": "USN-3968-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3968-3/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-7032", "datePublished": "2017-04-14T18:00:00.000Z", "dateReserved": "2016-08-23T00:00:00.000Z", "dateUpdated": "2024-08-06T01:50:46.837Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "EE103608-6BCB-4EC0-8EB1-110A80829592", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "643ABD1F-83E1-4B71-AA59-8CF8B4018A46", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "8967DE4C-3D41-4BCE-97B0-469FCFBCE332", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5C0D8CB9-3156-4F7F-A616-59EF530540D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D705745-C004-4E7E-9E56-84FB2B7CF8FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "837DD56D-267D-4AAA-9DB3-4B42FAE6E10C", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "06A22F86-72E8-42AE-BD52-BFF6498AB999", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "7C585A90-21F0-4BCF-85A4-BF470F581CBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "28E7BF14-597B-4C3F-A8CE-5359C047F9C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "E4D329BB-490F-4903-93FC-E45AF6EAEE4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "A426F146-45BD-4666-81C0-00B719206288", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "46C40A7E-2ED8-4D13-A381-A219CC6B1B15", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4CCE5D7D-D269-4A10-B3C0-C5177F30BD29", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F57804C-633D-4A0C-AF73-21C0BFBEA715", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "97FF463B-A0BE-4E14-B644-F42D5D5CAB9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "2224F7BC-145F-4E06-AAD8-280AD42339CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "D0403E11-4280-49C2-9E38-E0524BC31768", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "9A71D36B-D2FD-4EDA-9D99-BF9F44DA980D", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "DB3D2805-A361-4A13-9E19-889CBE703137", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "2DC61847-D662-402E-907E-F79F92F155D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "C0CE60B2-566F-4ED5-8641-239770D2E72C", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "045B81ED-812E-408B-8E8C-AEF65DE17057", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.10:*:*:*:*:*:*:*", "matchCriteriaId": "AF1AD785-0C73-4100-A9AD-9E7BA1F84CE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.11:*:*:*:*:*:*:*", "matchCriteriaId": "D6C13533-A5C8-4DF6-A181-BD54964AF274", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.12:*:*:*:*:*:*:*", "matchCriteriaId": "31F95A82-C148-4609-BFE9-5170AD365E66", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.13:*:*:*:*:*:*:*", "matchCriteriaId": "C66AE243-935F-4EF2-BC1B-A31976591F62", "vulnerable": true}, {"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.14:p3:*:*:*:*:*:*", "matchCriteriaId": "7F20D79C-0756-4456-B582-84CCA04E954A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function."}, {"lang": "es", "value": "Sudo_noexec.so en Sudo en versiones anteriores a 1.8.15 en Linux podr\u00eda permitir a los usuarios locales evitar las restricciones de comandos noexec pretendidas a trav\u00e9s de una aplicaci\u00f3n que llama al (1) sistema o (2) a la funci\u00f3n popen."}], "id": "CVE-2016-7032", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-14T18:59:00.783", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95776"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, {"source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/3968-3/"}, {"source": "secalert@redhat.com", "url": "https://www.sudo.ws/alerts/noexec_bypass.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-2872.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95776"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/3968-3/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.sudo.ws/alerts/noexec_bypass.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Florian Weimer (Red Hat).", "affected_release": [{"advisory": "RHSA-2016:2872", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "sudo-0:1.8.6p3-25.el6_8", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-12-06T00:00:00Z"}, {"advisory": "RHSA-2016:2872", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "sudo-0:1.8.6p7-21.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-12-06T00:00:00Z"}], "bugzilla": {"description": "sudo: noexec bypass via system() and popen()", "id": "1372830", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372830"}, "csaw": false, "cvss": {"cvss_base_score": "6.6", "cvss_scoring_vector": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "status": "verified"}, "cvss3": {"cvss3_base_score": "6.4", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-184", "details": ["sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.", "It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system() or popen() C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute arbitrary commands with elevated privileges."], "name": "CVE-2016-7032", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2016-10-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7032\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7032\nhttps://www.sudo.ws/alerts/noexec_bypass.html"], "threat_severity": "Moderate"}

{}