Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-4158HistoryDec 11, 2005 - 2:03 a.m.
CVE-2005-4158
2005-12-1102:03:00
Debian Security Bug Tracker
security-tracker.debian.org
9
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
0.4%
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | sudo | < 1.6.8p12-1 | sudo_1.6.8p12-1_all.deb |
| Debian | 11 | all | sudo | < 1.6.8p12-1 | sudo_1.6.8p12-1_all.deb |
| Debian | 10 | all | sudo | < 1.6.8p12-1 | sudo_1.6.8p12-1_all.deb |
| Debian | 999 | all | sudo | < 1.6.8p12-1 | sudo_1.6.8p12-1_all.deb |
| Debian | 13 | all | sudo | < 1.6.8p12-1 | sudo_1.6.8p12-1_all.deb |
Related
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-235-2)
2006-01-21 00:00:00
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-235-1)
2006-01-21 00:00:00
Debian DSA-946-2 : sudo - missing input sanitising
2006-10-14 00:00:00
cve
cve
CVE-2005-4158
2005-12-11 02:03:00
CVE-2006-0151
2006-01-09 23:03:00
ubuntucve
ubuntucve
CVE-2005-4158
2005-12-11 00:00:00
CVE-2006-0151
2006-01-09 00:00:00
ubuntu
ubuntu
sudo vulnerability
2006-01-06 00:00:00
sudo vulnerability
2006-01-09 00:00:00
securityvulns
securityvulns
[Full-disclosure] [USN-235-2] sudo vulnerability
2006-01-09 00:00:00
prion
prion
Code injection
2006-01-09 23:03:00
openvas
openvas
Debian Security Advisory DSA 946-1 (sudo)
2008-01-17 00:00:00
Debian Security Advisory DSA 946-2 (sudo)
2008-01-17 00:00:00
Debian Security Advisory DSA 946-1 (sudo)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2006-0151
2006-01-09 23:00:00
debian
debian
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
2006-01-20 00:00:00
[SECURITY] [DSA 946-2] New sudo packages fix privilege escalation
2006-04-08 00:00:00
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
2006-01-20 10:24:04
debiancve
debiancve
CVE-2006-0151
2006-01-09 23:03:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
0.4%
Related for DEBIANCVE:CVE-2005-4158