Sudo
by Todd Miller
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-1646 | 0.00 | — | 0.00 | Jun 7, 2010 | The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable. | |||
| CVE-2010-1163 | 0.00 | — | 0.00 | Apr 16, 2010 | The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary… | |||
| CVE-2010-0427 | 0.00 | — | 0.00 | Feb 25, 2010 | sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. | |||
| CVE-2010-0426 | 0.00 | — | 0.01 | Feb 24, 2010 | sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file,… | |||
| CVE-2007-3149 | 0.00 | — | 0.00 | Jun 11, 2007 | sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE:… | |||
| CVE-2006-0151 | 0.00 | — | 0.01 | Jan 9, 2006 | sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158. | |||
| CVE-2005-2959 | 0.00 | — | 0.01 | Oct 25, 2005 | Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are. | |||
| CVE-2005-1993 | 0.00 | — | 0.00 | Jun 20, 2005 | Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack. | |||
| CVE-2005-1119 | 0.00 | — | 0.00 | May 2, 2005 | Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files. | |||
| CVE-2004-1051 | 0.00 | — | 0.01 | Mar 1, 2005 | sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. | |||
| CVE-1999-1496 | 0.00 | — | 0.01 | Jun 8, 1999 | Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | |||
| CVE-1999-0958 | 0.00 | — | 0.00 | Jan 12, 1998 | sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. |
- CVE-2010-1646Jun 7, 2010risk 0.00cvss —epss 0.00
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
- CVE-2010-1163Apr 16, 2010risk 0.00cvss —epss 0.00
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary…
- CVE-2010-0427Feb 25, 2010risk 0.00cvss —epss 0.00
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.
- CVE-2010-0426Feb 24, 2010risk 0.00cvss —epss 0.01
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file,…
- CVE-2007-3149Jun 11, 2007risk 0.00cvss —epss 0.00
sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5_ environment variable settings. NOTE:…
- CVE-2006-0151Jan 9, 2006risk 0.00cvss —epss 0.01
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
- CVE-2005-2959Oct 25, 2005risk 0.00cvss —epss 0.01
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
- CVE-2005-1993Jun 20, 2005risk 0.00cvss —epss 0.00
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
- CVE-2005-1119May 2, 2005risk 0.00cvss —epss 0.00
Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files.
- CVE-2004-1051Mar 1, 2005risk 0.00cvss —epss 0.01
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
- CVE-1999-1496Jun 8, 1999risk 0.00cvss —epss 0.01
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
- CVE-1999-0958Jan 12, 1998risk 0.00cvss —epss 0.00
sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.
Page 2 of 2