Todd Miller: >> Sudo >> 1.7.2 Security Vulnerabilities
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
CVSS Score
6.2
EPSS Score
0.001
Published
2010-06-07
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.
CVSS Score
6.9
EPSS Score
0.008
Published
2010-02-24
Page 2