3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
25.5%
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root with logging.
A race condition bug was found in the way sudo handles pathnames. It is
possible that a local user with limited sudo access could create
a race condition that would allow the execution of arbitrary commands as
the root user. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1993 to this issue.
Users of sudo should update to this updated package, which contains a
backported patch and is not vulnerable to this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc | sudo | < 1.6.7p5-1.1 | sudo-1.6.7p5-1.1.ppc.rpm |
RedHat | any | s390x | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.s390x.rpm |
RedHat | any | s390 | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.s390.rpm |
RedHat | any | ia64 | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.ia64.rpm |
RedHat | any | i386 | sudo | < 1.6.7p5-1.1 | sudo-1.6.7p5-1.1.i386.rpm |
RedHat | any | ia64 | sudo | < 1.6.7p5-1.1 | sudo-1.6.7p5-1.1.ia64.rpm |
RedHat | any | ppc | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.ppc.rpm |
RedHat | any | x86_64 | sudo | < 1.6.7p5-1.1 | sudo-1.6.7p5-1.1.x86_64.rpm |
RedHat | any | i386 | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.i386.rpm |
RedHat | any | x86_64 | sudo | < 1.6.7p5-30.1.1 | sudo-1.6.7p5-30.1.1.x86_64.rpm |