daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: wrong title and author for CVE-2019-14287.yaml

patch-1
Muhammad Daffa 2023-12-13 22:09:13 +07:00 committed by GitHub
parent b2e48fb11f
commit 4989a2d085
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
code/cves/2023/CVE-2019-14287.yaml
View File

@ -1,8 +1,8 @@
id: CVE-2019-14287
info:
name: GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel
author: princechaddha
name: Sudo <= 1.8.27 - Security Bypass
author: daffainfo
severity: high
description: |
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.