VYPR
High severity7.8NVD Advisory· Published Jan 30, 2009· Updated Jun 16, 2026

CVE-2009-0034

CVE-2009-0034

Description

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Gratisoft/Sudo3 versions
    cpe:2.3:a:gratisoft:sudo:1.6.9:p17:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:gratisoft:sudo:1.6.9:p17:*:*:*:*:*:*
    • cpe:2.3:a:gratisoft:sudo:1.6.9:p18:*:*:*:*:*:*
    • cpe:2.3:a:gratisoft:sudo:1.6.9:p19:*:*:*:*:*:*
  • cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
  • Sudo Project/Sudollm-create
    Range: 1.6.9p17 - 1.6.9p19

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.