security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e91fc4486e57fc40e30d12253694de4c80a9e4ea
blue-team-tools/rules/linux/builtin/lnx_sudo_cve_2019_14287.yml
T
frack113 4631d0c482 remove invalid tag
2022-01-19 18:23:30 +01:00

25 lines
729 B
YAML
Raw Blame History

title: Sudo Privilege Escalation CVE-2019-14287
id: f74107df-b6c6-4e80-bf00-4170b658162b
status: experimental
description: Detects users trying to exploit sudo vulnerability reported in CVE-2019-14287
author: Florian Roth
date: 2019/10/15
modified: 2021/09/14
references:
- https://www.openwall.com/lists/oss-security/2019/10/14/1
- https://access.redhat.com/security/cve/cve-2019-14287
- https://twitter.com/matthieugarin/status/1183970598210412546
logsource:
product: linux
tags:
- attack.privilege_escalation
- attack.t1068
- attack.t1548.003
- cve.2019.14287
detection:
selection_keywords:
- '* -u#*'
condition: selection_keywords
falsepositives:
- Unlikely
level: critical
Reference in New Issue View Git Blame Copy Permalink