CVE-2011-0008

A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.

Published: 2011-01-20 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2011-0008 is rated Low Risk (32.5/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.05%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2011-0008

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-05-11 0.10% 0.05% -0.05%
2 2025-03-17 0.04% 0.10% +0.05%
3 2023-03-07 0.04%

Full EPSS history (4 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-0008

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.9 2.0 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 3.4 10.0 [email protected]

Weakness enumeration for CVE-2011-0008

OS Trackers for CVE-2011-0008

vendor priority summary link
debian unimportant CVE-2011-0008 unimportant priority: Debian including 1 source packages (sudo), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2011-0008
redhat medium https://access.redhat.com/security/cve/CVE-2011-0008
ubuntu medium CVE-2011-0008 medium priority: Ubuntu including 1 source packages (sudo), 6 status rows across 6 suites (dapper, hardy, karmic, lucid, maverick, upstream): not-affected 6. https://ubuntu.com/security/CVE-2011-0008

Affected software / configurations for CVE-2011-0008

Vendor Product Version Raw CPE
todd_miller sudo <= 1.7.4p5 cpe:2.3:a:todd_miller:sudo:*:*:*:*:*:*:*:*
todd_miller sudo 1.3.1 cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:*
todd_miller sudo 1.5 cpe:2.3:a:todd_miller:sudo:1.5:*:*:*:*:*:*:*
todd_miller sudo 1.5.2 cpe:2.3:a:todd_miller:sudo:1.5.2:*:*:*:*:*:*:*
todd_miller sudo 1.5.3 cpe:2.3:a:todd_miller:sudo:1.5.3:*:*:*:*:*:*:*
todd_miller sudo 1.5.6 cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:*
todd_miller sudo 1.5.7 cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:*
todd_miller sudo 1.5.8 cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:*
todd_miller sudo 1.5.9 cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:*
todd_miller sudo 1.6 cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*
todd_miller sudo 1.6.1 cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*
todd_miller sudo 1.6.2 cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*
todd_miller sudo 1.6.2p1 cpe:2.3:a:todd_miller:sudo:1.6.2p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.2p2 cpe:2.3:a:todd_miller:sudo:1.6.2p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.2p3 cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3 cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p1 cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p2 cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p3 cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p4 cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p5 cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p6 cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p7 cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p1 cpe:2.3:a:todd_miller:sudo:1.6.3p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p2 cpe:2.3:a:todd_miller:sudo:1.6.3p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p3 cpe:2.3:a:todd_miller:sudo:1.6.3p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p4 cpe:2.3:a:todd_miller:sudo:1.6.3p4:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p5 cpe:2.3:a:todd_miller:sudo:1.6.3p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p6 cpe:2.3:a:todd_miller:sudo:1.6.3p6:*:*:*:*:*:*:*
todd_miller sudo 1.6.3p7 cpe:2.3:a:todd_miller:sudo:1.6.3p7:*:*:*:*:*:*:*
todd_miller sudo 1.6.4 cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*
todd_miller sudo 1.6.4_p1 cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.4_p2 cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.4p1 cpe:2.3:a:todd_miller:sudo:1.6.4p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.4p2 cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.5 cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*
todd_miller sudo 1.6.5_p1 cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.5_p2 cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.5p1 cpe:2.3:a:todd_miller:sudo:1.6.5p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.5p2 cpe:2.3:a:todd_miller:sudo:1.6.5p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.6 cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*
todd_miller sudo 1.6.7 cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*
todd_miller sudo 1.6.7_p5 cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p1 cpe:2.3:a:todd_miller:sudo:1.6.7p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p2 cpe:2.3:a:todd_miller:sudo:1.6.7p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p3 cpe:2.3:a:todd_miller:sudo:1.6.7p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p4 cpe:2.3:a:todd_miller:sudo:1.6.7p4:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p5 cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.8 cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p1 cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p2 cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p5 cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p7 cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p8 cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p9 cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*
todd_miller sudo 1.6.8_p12 cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p1 cpe:2.3:a:todd_miller:sudo:1.6.8p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p2 cpe:2.3:a:todd_miller:sudo:1.6.8p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p3 cpe:2.3:a:todd_miller:sudo:1.6.8p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p4 cpe:2.3:a:todd_miller:sudo:1.6.8p4:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p5 cpe:2.3:a:todd_miller:sudo:1.6.8p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p6 cpe:2.3:a:todd_miller:sudo:1.6.8p6:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p7 cpe:2.3:a:todd_miller:sudo:1.6.8p7:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p8 cpe:2.3:a:todd_miller:sudo:1.6.8p8:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p9 cpe:2.3:a:todd_miller:sudo:1.6.8p9:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p10 cpe:2.3:a:todd_miller:sudo:1.6.8p10:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p11 cpe:2.3:a:todd_miller:sudo:1.6.8p11:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p12 cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*
todd_miller sudo 1.6.9 cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p17 cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p18 cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p19 cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p20 cpe:2.3:a:todd_miller:sudo:1.6.9_p20:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p21 cpe:2.3:a:todd_miller:sudo:1.6.9_p21:*:*:*:*:*:*:*
todd_miller sudo 1.6.9_p22 cpe:2.3:a:todd_miller:sudo:1.6.9_p22:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p1 cpe:2.3:a:todd_miller:sudo:1.6.9p1:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p2 cpe:2.3:a:todd_miller:sudo:1.6.9p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p3 cpe:2.3:a:todd_miller:sudo:1.6.9p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p4 cpe:2.3:a:todd_miller:sudo:1.6.9p4:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p5 cpe:2.3:a:todd_miller:sudo:1.6.9p5:*:*:*:*:*:*:*

References for CVE-2011-0008

cvelogic Threat Intelligence