Lucene search
GoogleOSV:DSA-596-2HistoryNov 24, 2004 - 12:00 a.m.
sudo - missing input sanitising
2004-11-2400:00:00
Google
osv.dev
7
0.001 Low
EPSS
Percentile
25.6%
Liam Helmer noticed that sudo, a program that provides limited super
user privileges to specific users, does not clean the environment
sufficiently. Bash functions and the CDPATH variable are still passed
through to the program running as privileged user, leaving
possibilities to overload system routines. These vulnerabilities can
only be exploited by users who have been granted limited super user
privileges.
For the stable distribution (woody) these problems have been fixed in
version 1.6.6-1.3.
For the unstable distribution (sid) these problems have been fixed in
version 1.6.8p3.
We recommend that you upgrade your sudo package.
References
Related
nessus
nessus
Debian DSA-596-2 : sudo - missing input sanitising
2004-11-24 00:00:00
Mandrake Linux Security Advisory : sudo (MDKSA-2004:133)
2004-11-17 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2005-005)
2005-05-03 00:00:00
openvas
openvas
FreeBSD Ports: sudo
2008-09-04 00:00:00
Debian Security Advisory DSA 596-1 (sudo)
2008-01-17 00:00:00
FreeBSD Ports: sudo
2008-09-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package sudo version 1:1.6.7p5-alt4
2004-11-12 00:00:00
Security fix for the ALT Linux 6 package sudo version 1:1.6.7p5-alt4
2004-11-12 00:00:00
Security fix for the ALT Linux 5 package sudo version 1:1.6.7p5-alt4
2004-11-12 00:00:00
ubuntucve
ubuntucve
CVE-2004-1051
2005-03-01 00:00:00
nvd
nvd
CVE-2004-1051
2005-03-01 05:00:00
debian
debian
[SECURITY] [DSA 596-1] New sudo packages fix privilege escalation
2004-11-24 12:09:26
[SECURITY] [DSA 596-2] New sudo packages removes debug output
2004-11-24 17:00:50
[SECURITY] [DSA 596-2] New sudo packages removes debug output
2004-11-24 17:00:50
cve
cve
CVE-2004-1051
2005-03-01 05:00:00
cvelist
cvelist
CVE-2004-1051
2004-11-18 05:00:00
debiancve
debiancve
CVE-2004-1051
2005-03-01 05:00:00