28 matches found
CVE-2004-1689
sudoedit aka sudo -e in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit...
CVE-2004-1689
sudoedit aka sudo -e in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit...
sudoedit can expose protected file contents
Overview Sudo's -e option sudoedit improperly handles temporary files, allowing an attacker to read files that would otherwise be inaccessible. Description Sudo is a utility that allows specific users to run certain commands as root. Beginning with version 1.6.8, sudo provides safe editing...
SudoEdit 1.6.8 Local Change Permission Exploit
No description provided by source. / Copyright © Rosiello Security 2004 http://www.rosiello.org sudoedit Exploit SOFTWARE : sudoedit REFERENCE: http://www.sudo.ws/sudo/alerts/sudoedit.html DATE: 18/09/2004 Summary: A flaw in exists in sudo's -u option aka sudoedit in sudo version 1.6.8 that can...
SudoEdit 1.6.8 - Local Change Permission
/ Copyright © Rosiello Security 2004 http://www.rosiello.org sudoedit Exploit SOFTWARE : sudoedit REFERENCE: http://www.sudo.ws/sudo/alerts/sudoedit.html DATE: 18/09/2004 Summary: A flaw in exists in sudo's -u option aka sudoedit in sudo version 1.6.8 that can give an attacker read permission to ...
CVE-2004-1689
sudoedit aka sudo -e in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit...
DEBIAN-CVE-2004-1689
sudoedit aka sudo -e in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit...
CVE-2004-1689
sudoedit aka sudo -e in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit...