← volver
CVE-2010-2757

CVE-2010-2757

EPSS 1.3%
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=450013https://bugzilla.redhat.com/show_bug.cgi?id=623423http://secunia.com/advisories/40892http://secunia.com/advisories/41128http://www.bugzilla.org/security/3.2.7/http://www.securityfocus.com/bid/42275http://www.vupen.com/english/advisories/2010/2035http://www.vupen.com/english/advisories/2010/2205