CVSS2

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | HIGH |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

AV:L/AC:H/Au:N/C:C/I:C/A:C

AI Score

Confidence: Low

EPSS

Percentile: 10.1%

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
Vendor | Product | Version | CPE |
---|---|---|---|
todd_miller | sudo | 1.3.1 | cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6 | cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.1 | cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.2 | cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.2p1 | cpe:2.3:a:todd_miller:sudo:1.6.2p1:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.2p2 | cpe:2.3:a:todd_miller:sudo:1.6.2p2:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.2p3 | cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.3 | cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.3p1 | cpe:2.3:a:todd_miller:sudo:1.6.3p1:*:*:*:*:*:*:* |
todd_miller | sudo | 1.6.3p2 | cpe:2.3:a:todd_miller:sudo:1.6.3p2:*:*:*:*:*:*:* |
lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secunia.com/advisories/40002
secunia.com/advisories/40188
secunia.com/advisories/40215
secunia.com/advisories/40508
secunia.com/advisories/43068
security.gentoo.org/glsa/glsa-201009-03.xml
wiki.rpath.com/Advisories:rPSA-2010-0075
www.debian.org/security/2010/dsa-2062
www.mandriva.com/security/advisories?name=MDVSA-2010:118
www.osvdb.org/65083
www.redhat.com/support/errata/RHSA-2010-0475.html
www.securityfocus.com/archive/1/514489/100/0/threaded
www.securityfocus.com/bid/40538
www.securitytracker.com/id?1024101
www.sudo.ws/repos/sudo/rev/3057fde43cf0
www.sudo.ws/repos/sudo/rev/a09c6812eaec
www.sudo.ws/sudo/alerts/secure_path.html
www.vupen.com/english/advisories/2010/1452
www.vupen.com/english/advisories/2010/1478
www.vupen.com/english/advisories/2010/1518
www.vupen.com/english/advisories/2010/1519
www.vupen.com/english/advisories/2011/0212
bugzilla.redhat.com/show_bug.cgi?id=598154
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338