This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Todd Miller
Product: Sudo
Version: 1.6.4_p1
Type: Application
First view: 2005-03-01
Last view: 2013-04-08
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
 
CPE Product cpe:2.3:a:todd_miller:sudo

Related : CVE

Score Date Alert Description
4.4 2013-04-08 CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

6.9 2011-01-20 CVE-2011-0008

A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.

4.4 2010-02-25 CVE-2010-0427

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

6.9 2010-02-24 CVE-2010-0426

sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.

6.2 2007-08-13 CVE-2007-4305

Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing.

7.2 2006-01-09 CVE-2006-0151

sudo 1.6.8 and other versions do not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

4.6 2005-12-10 CVE-2005-4158

Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.

4.6 2005-10-25 CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.

3.7 2005-06-20 CVE-2005-1993

Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.

2.1 2005-05-02 CVE-2005-1119

Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files.

7.2 2005-03-01 CVE-2004-1051

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

CWE : Common Weakness Enumeration

% id Name
100% (4) CWE-264 Permissions, Privileges, and Access Controls

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-63 Simple Script Injection
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic
CAPEC-73 User-Controlled Filename
CAPEC-85 Client Network Footprinting (using AJAX/XSS)
CAPEC-86 Embedding Script (XSS) in HTTP Headers
CAPEC-163 Spear Phishing

Open Source Vulnerability Database (OSVDB)

id Description
62657 sudo runas_default Option Group Membership Local Privilege Escalation
62515 sudo sudoedit Command Handling Local Privilege Escalation
51736 sudo parse.c System Group Interpretation Local Privilege Escalation
39589 Multiple BSD Systrace Sysjail Policies Race Condition Access Control Policy B...
39588 Multiple BSD Sudo Monitor Mode Race Condition Access Control Policy Bypass
20764 Sudo PERL5OPT Environment Cleaning Multiple Variable Privilege Escalation
20303 Sudo Environment Variable Manipulation Local Privilege Escalation
17396 Sudo sudoers ALL Entry Race Condition
16611 Sudo VISudo Symlink Arbitrary File Corruption
11716 sudo Bash Script Subversion Arbitrary Command Execution

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09 Name : CentOS Update for sudo CESA-2010:0361 centos5 i386
File : nvt/gb_CESA-2010_0361_sudo_centos5_i386.nasl
2011-08-09 Name : CentOS Update for sudo CESA-2010:0122 centos5 i386
File : nvt/gb_CESA-2010_0122_sudo_centos5_i386.nasl
2011-01-24 Name : Fedora Update for sudo FEDORA-2011-0455
File : nvt/gb_fedora_2011_0455_sudo_fc13.nasl
2011-01-24 Name : Mandriva Update for sudo MDVSA-2011:018 (sudo)
File : nvt/gb_mandriva_MDVSA_2011_018.nasl
2011-01-21 Name : Fedora Update for sudo FEDORA-2011-0470
File : nvt/gb_fedora_2011_0470_sudo_fc14.nasl
2010-05-07 Name : Fedora Update for sudo FEDORA-2010-6749
File : nvt/gb_fedora_2010_6749_sudo_fc11.nasl
2010-05-07 Name : Fedora Update for sudo FEDORA-2010-6701
File : nvt/gb_fedora_2010_6701_sudo_fc12.nasl
2010-04-30 Name : Mandriva Update for sudo MDVSA-2010:078-1 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_078_1.nasl
2010-04-29 Name : RedHat Update for sudo RHSA-2010:0361-01
File : nvt/gb_RHSA-2010_0361-01_sudo.nasl
2010-04-21 Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo6.nasl
2010-04-19 Name : Mandriva Update for sudo MDVSA-2010:078 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_078.nasl
2010-04-16 Name : Ubuntu Update for sudo vulnerability USN-928-1
File : nvt/gb_ubuntu_USN_928_1.nasl
2010-03-16 Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo5.nasl
2010-03-16 Name : Gentoo Security Advisory GLSA 201003-01 (sudo)
File : nvt/glsa_201003_01.nasl
2010-03-12 Name : Fedora Update for sudo FEDORA-2010-3359
File : nvt/gb_fedora_2010_3359_sudo_fc12.nasl
2010-03-12 Name : Fedora Update for sudo FEDORA-2010-3415
File : nvt/gb_fedora_2010_3415_sudo_fc11.nasl
2010-03-12 Name : Mandriva Update for sudo MDVSA-2010:052 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_052.nasl
2010-03-02 Name : Ubuntu Update for sudo vulnerabilities USN-905-1
File : nvt/gb_ubuntu_USN_905_1.nasl
2010-03-02 Name : RedHat Update for sudo RHSA-2010:0122-01
File : nvt/gb_RHSA-2010_0122-01_sudo.nasl
2010-03-02 Name : Mandriva Update for sudo MDVSA-2010:049 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_049.nasl
2010-02-15 Name : Mandriva Update for microcode_ctl MDVA-2010:052 (microcode_ctl)
File : nvt/gb_mandriva_MDVA_2010_052.nasl
2010-02-08 Name : Mandriva Update for mailcap MDVA-2010:049 (mailcap)
File : nvt/gb_mandriva_MDVA_2010_049.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for sudo
File : nvt/sles9p5019263.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2016-06-22 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0079.nasl - Type: ACT_GATHER_INFO
2016-03-08 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_VMSA-2010-0009_remote.nasl - Type: ACT_GATHER_INFO
2015-08-17 Name: The remote host is missing a Mac OS X update that fixes multiple security vul...
File: macosx_10_10_5.nasl - Type: ACT_GATHER_INFO
2014-11-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0476.nasl - Type: ACT_GATHER_INFO
2014-11-12 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2013-1527.nasl - Type: ACT_GATHER_INFO
2014-01-22 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201401-23.nasl - Type: ACT_GATHER_INFO
2013-12-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2013-259.nasl - Type: ACT_GATHER_INFO
2013-12-10 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20131121_sudo_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2013-11-27 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2013-11-21 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-0267.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0122.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0361.nasl - Type: ACT_GATHER_INFO
2013-05-16 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_sudo-8562.nasl - Type: ACT_GATHER_INFO
2013-05-16 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_sudo-130430.nasl - Type: ACT_GATHER_INFO
2013-03-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2642.nasl - Type: ACT_GATHER_INFO
2013-03-07 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2013-065-01.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20100226_sudo_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-01-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-773.nasl - Type: ACT_GATHER_INFO
2011-01-28 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2011-018.nasl - Type: ACT_GATHER_INFO
2011-01-24 Name: The remote Fedora host is missing a security update.
File: fedora_2011-0455.nasl - Type: ACT_GATHER_INFO
2011-01-19 Name: The remote Fedora host is missing a security update.
File: fedora_2011-0470.nasl - Type: ACT_GATHER_INFO
2010-10-11 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_sudo-6892.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-6756.nasl - Type: ACT_GATHER_INFO