CVE-2004-1689

2004-09-16T04:00:00
ID CVE-2004-1689
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.