This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Todd Miller First view 2009-01-30
Product Sudo Last view 2013-04-08
Version 1.6.9_p18 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:todd_miller:sudo

Activity : Overall

Related : CVE

  Date Alert Description
4.4 2013-04-08 CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

6.9 2011-01-20 CVE-2011-0008

A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.

6.9 2010-04-16 CVE-2010-1163

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.

4.4 2010-02-25 CVE-2010-0427

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.

6.9 2010-02-24 CVE-2010-0426

sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.

6.9 2009-01-30 CVE-2009-0034

parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.

CWE : Common Weakness Enumeration

%idName
80% (4) CWE-264 Permissions, Privileges, and Access Controls
20% (1) CWE-20 Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-13 Subverting Environment Variable Values
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-39 Manipulating Opaque Client-based Data Tokens
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-51 Poison Web Service Registry
CAPEC-59 Session Credential Falsification through Prediction
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-76 Manipulating Input to File System Calls
CAPEC-77 Manipulating User-Controlled Variables
CAPEC-87 Forceful Browsing
CAPEC-104 Cross Zone Scripting

Open Source Vulnerability Database (OSVDB)

id Description
63878 sudo sudoedit Command Matching Failure Privilege Escalation
62657 sudo runas_default Option Group Membership Local Privilege Escalation
62515 sudo sudoedit Command Handling Local Privilege Escalation
51736 sudo parse.c System Group Interpretation Local Privilege Escalation

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09 Name : CentOS Update for sudo CESA-2010:0122 centos5 i386
File : nvt/gb_CESA-2010_0122_sudo_centos5_i386.nasl
2011-08-09 Name : CentOS Update for sudo CESA-2010:0361 centos5 i386
File : nvt/gb_CESA-2010_0361_sudo_centos5_i386.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201006-09 (sudo)
File : nvt/glsa_201006_09.nasl
2011-01-24 Name : Mandriva Update for sudo MDVSA-2011:018 (sudo)
File : nvt/gb_mandriva_MDVSA_2011_018.nasl
2011-01-24 Name : Fedora Update for sudo FEDORA-2011-0455
File : nvt/gb_fedora_2011_0455_sudo_fc13.nasl
2011-01-21 Name : Fedora Update for sudo FEDORA-2011-0470
File : nvt/gb_fedora_2011_0470_sudo_fc14.nasl
2010-05-07 Name : Fedora Update for sudo FEDORA-2010-6701
File : nvt/gb_fedora_2010_6701_sudo_fc12.nasl
2010-05-07 Name : Fedora Update for sudo FEDORA-2010-6749
File : nvt/gb_fedora_2010_6749_sudo_fc11.nasl
2010-04-30 Name : Mandriva Update for sudo MDVSA-2010:078-1 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_078_1.nasl
2010-04-29 Name : RedHat Update for sudo RHSA-2010:0361-01
File : nvt/gb_RHSA-2010_0361-01_sudo.nasl
2010-04-21 Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo6.nasl
2010-04-19 Name : Mandriva Update for sudo MDVSA-2010:078 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_078.nasl
2010-04-16 Name : Ubuntu Update for sudo vulnerability USN-928-1
File : nvt/gb_ubuntu_USN_928_1.nasl
2010-03-16 Name : Gentoo Security Advisory GLSA 201003-01 (sudo)
File : nvt/glsa_201003_01.nasl
2010-03-16 Name : FreeBSD Ports: sudo
File : nvt/freebsd_sudo5.nasl
2010-03-12 Name : Fedora Update for sudo FEDORA-2010-3415
File : nvt/gb_fedora_2010_3415_sudo_fc11.nasl
2010-03-12 Name : Fedora Update for sudo FEDORA-2010-3359
File : nvt/gb_fedora_2010_3359_sudo_fc12.nasl
2010-03-12 Name : Mandriva Update for sudo MDVSA-2010:052 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_052.nasl
2010-03-02 Name : Mandriva Update for sudo MDVSA-2010:049 (sudo)
File : nvt/gb_mandriva_MDVSA_2010_049.nasl
2010-03-02 Name : RedHat Update for sudo RHSA-2010:0122-01
File : nvt/gb_RHSA-2010_0122-01_sudo.nasl
2010-03-02 Name : Ubuntu Update for sudo vulnerabilities USN-905-1
File : nvt/gb_ubuntu_USN_905_1.nasl
2010-02-15 Name : Mandriva Update for microcode_ctl MDVA-2010:052 (microcode_ctl)
File : nvt/gb_mandriva_MDVA_2010_052.nasl
2010-02-08 Name : Mandriva Update for mailcap MDVA-2010:049 (mailcap)
File : nvt/gb_mandriva_MDVA_2010_049.nasl
2009-07-29 Name : Ubuntu USN-799-1 (dbus)
File : nvt/ubuntu_799_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-06-22 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0079.nasl - Type: ACT_GATHER_INFO
2016-03-08 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_VMSA-2010-0009_remote.nasl - Type: ACT_GATHER_INFO
2016-03-03 Name: The remote host is missing a security-related patch.
File: vmware_VMSA-2009-0009_remote.nasl - Type: ACT_GATHER_INFO
2015-08-17 Name: The remote host is missing a Mac OS X update that fixes multiple security vul...
File: macosx_10_10_5.nasl - Type: ACT_GATHER_INFO
2014-11-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0476.nasl - Type: ACT_GATHER_INFO
2014-11-12 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2013-1527.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_sudo-110114.nasl - Type: ACT_GATHER_INFO
2014-01-22 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201401-23.nasl - Type: ACT_GATHER_INFO
2013-12-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2013-259.nasl - Type: ACT_GATHER_INFO
2013-12-10 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20131121_sudo_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2013-11-27 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2013-11-21 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-1701.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0361.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0122.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2009-0267.nasl - Type: ACT_GATHER_INFO
2013-05-16 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_sudo-8562.nasl - Type: ACT_GATHER_INFO
2013-05-16 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_sudo-130430.nasl - Type: ACT_GATHER_INFO
2013-03-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2642.nasl - Type: ACT_GATHER_INFO
2013-03-07 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2013-065-01.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20100226_sudo_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20100420_sudo_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20090205_sudo_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_sudo-110114.nasl - Type: ACT_GATHER_INFO
2011-02-17 Name: The remote VMware ESX host is missing one or more security-related patches.
File: vmware_VMSA-2009-0009.nasl - Type: ACT_GATHER_INFO