{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-24T00:00:00", "descriptions": [{"lang": "en", "value": "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-22T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "92615", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92615"}, {"name": "RHSA-2016:2593", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://rhn.redhat.com/errata/RHSA-2016-2593.html"}, {"name": "[Bug-readline] 20160524 INPUTRC issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7091", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92615", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92615"}, {"name": "RHSA-2016:2593", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2016-2593.html"}, {"name": "[Bug-readline] 20160524 INPUTRC issues", "refsource": "MLIST", "url": "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:47.551Z"}, "title": "CVE Program Container", "references": [{"name": "92615", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/92615"}, {"name": "RHSA-2016:2593", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://rhn.redhat.com/errata/RHSA-2016-2593.html"}, {"name": "[Bug-readline] 20160524 INPUTRC issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7091", "datePublished": "2016-12-22T21:00:00", "dateReserved": "2016-08-25T00:00:00", "dateUpdated": "2024-08-06T01:50:47.551Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CECD221-9715-4ECD-88E5-3252EFCA784F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo."}, {"lang": "es", "value": "sudo: Se ha descubierto que la configuraci\u00f3n por defecto de sudo en Red Hat Enterprise Linux y posiblemente en otras implementaciones de Linux preserva el valor de INPUTRC lo que podr\u00eda llevar a revelaci\u00f3n de informaci\u00f3n. Un usuario local con acceso sudo a un programa restringido que utiliza readline puede utilizar esta falla para leer contenido de archivos especialmente formateados con privilegios elevados concedidos por sudo."}], "id": "CVE-2016-7091", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-22T21:59:00.113", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/92615"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://rhn.redhat.com/errata/RHSA-2016-2593.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/92615"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://lists.gnu.org/archive/html/bug-readline/2016-05/msg00009.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://rhn.redhat.com/errata/RHSA-2016-2593.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Grisha Levit for reporting this issue.", "affected_release": [{"advisory": "RHSA-2016:2593", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "sudo-0:1.8.6p7-20.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-11-03T00:00:00Z"}], "bugzilla": {"description": "sudo: Possible info leak via INPUTRC", "id": "1339935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339935"}, "csaw": false, "cvss": {"cvss_base_score": "3.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "status": "verified"}, "details": ["sudo: It was discovered that the default sudo configuration on Red Hat Enterprise Linux and possibly other Linux implementations preserves the value of INPUTRC which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo.", "It was discovered that the default sudo configuration preserved the value of INPUTRC from the user's environment, which could lead to information disclosure. A local user with sudo access to a restricted program that uses readline could use this flaw to read content from specially formatted files with elevated privileges provided by sudo."], "name": "CVE-2016-7091", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "compat-readline43", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "readline", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "compat-readline5", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "readline", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "readline", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Will not fix", "package_name": "readline", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Will not fix", "package_name": "readline", "product_name": "Red Hat OpenShift Enterprise 2"}], "public_date": "2016-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7091\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7091"], "threat_severity": "Low"}