Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-2959HistoryOct 25, 2005 - 4:02 p.m.
CVE-2005-2959
2005-10-2516:02:00
Debian Security Bug Tracker
security-tracker.debian.org
13
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
9.5%
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | sudo | < 1.6.8p9-3 | sudo_1.6.8p9-3_all.deb |
| Debian | 11 | all | sudo | < 1.6.8p9-3 | sudo_1.6.8p9-3_all.deb |
| Debian | 999 | all | sudo | < 1.6.8p9-3 | sudo_1.6.8p9-3_all.deb |
| Debian | 13 | all | sudo | < 1.6.8p9-3 | sudo_1.6.8p9-3_all.deb |
Related
openvas
openvas
FreeBSD Ports: sudo
2008-09-04 00:00:00
Debian Security Advisory DSA 870-1 (sudo)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-870-1)
2008-01-17 00:00:00
freebsd
freebsd
sudo -- arbitrary command execution
2005-10-25 00:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2005-2959
2005-10-25 16:02:00
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-213-1)
2006-01-15 00:00:00
FreeBSD : sudo -- arbitrary command execution (1b725079-9ef6-11da-b410-000e0c2e438a)
2006-05-13 00:00:00
Debian DSA-870-1 : sudo - missing input sanitising
2006-10-14 00:00:00
redhatcve
redhatcve
CVE-2005-2959
2015-10-30 10:08:02
debian
debian
[SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution
2005-10-25 09:39:08
[SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution
2005-10-25 09:39:08
ubuntu
ubuntu
sudo vulnerability
2005-10-28 00:00:00
packetstorm
packetstorm
sudo168p10.sh.txt
2005-11-10 00:00:00
ubuntucve
ubuntucve
CVE-2005-2959
2005-10-25 00:00:00
cve
cve
CVE-2005-2959
2005-10-25 16:02:00
cvelist
cvelist
CVE-2005-2959
2005-10-25 04:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
9.5%
Related for DEBIANCVE:CVE-2005-2959