{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Sudo versions 1.6.9 \u00e0 1.7.2p3.","product":{"name":"Sudo","vendor":{"name":"Sudo","scada":false}}}],"affected_systems_content":"","content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la commande Sudo permet \u00e0 un utilisateur, ayant\nla permission d'utiliser l'option \u00ab -e \u00bb (sudoedit), d'ex\u00e9cuter des\ncommandes arbitraires.\n\n## Solution\n\nMettre \u00e0 jour Sudo dans sa derni\u00e8re version stable (cf. section\nDocumentation).\n","cves":[],"links":[{"title":"Page de t\u00e9l\u00e9chargement de la derni\u00e8re version stable de    Sudo :","url":"http://www.sudo.ws/sudo/stable.html"}],"reference":"CERTA-2010-AVI-095","revisions":[{"description":"version initiale.","revision_date":"2010-03-01T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans Sudo permet \u00e0 une personne malintentionn\u00e9e de\ncontourner la politique de s\u00e9curit\u00e9.\n","title":"Vuln\u00e9rabilit\u00e9 dans Sudo","vendor_advisories":[{"published_at":"2010-02-22","title":"Bulletin de s\u00e9curit\u00e9 Sudo","url":"https://www.sudo.ws/security/advisories/sudoedit_escalate/"}]}