CVE-2016-7091 in sudoinfo

Summary

sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

08/25/2016

Disclosure

12/22/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

4.3

EPSS

0.00069

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7091
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7091
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7091/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!