Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-1051

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

Published

2005-03-01T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.2 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mandrakesoft	mandrake_multi_network_firewall	8.2	Yes
Application	todd_miller	sudo	1.5.6	Yes
Application	todd_miller	sudo	1.5.7	Yes
Application	todd_miller	sudo	1.5.8	Yes
Application	todd_miller	sudo	1.5.9	Yes
Application	todd_miller	sudo	1.6	Yes
Application	todd_miller	sudo	1.6.1	Yes
Application	todd_miller	sudo	1.6.2	Yes
Application	todd_miller	sudo	1.6.3	Yes
Application	todd_miller	sudo	1.6.3_p1	Yes
Application	todd_miller	sudo	1.6.3_p2	Yes
Application	todd_miller	sudo	1.6.3_p3	Yes
Application	todd_miller	sudo	1.6.3_p4	Yes
Application	todd_miller	sudo	1.6.3_p5	Yes
Application	todd_miller	sudo	1.6.3_p6	Yes
Application	todd_miller	sudo	1.6.3_p7	Yes
Application	todd_miller	sudo	1.6.4	Yes
Application	todd_miller	sudo	1.6.4_p1	Yes
Application	todd_miller	sudo	1.6.4_p2	Yes
Application	todd_miller	sudo	1.6.5	Yes
Application	todd_miller	sudo	1.6.5_p1	Yes
Application	todd_miller	sudo	1.6.5_p2	Yes
Application	todd_miller	sudo	1.6.6	Yes
Application	todd_miller	sudo	1.6.7	Yes
Application	todd_miller	sudo	1.6.8	Yes
Application	todd_miller	sudo	1.6.8_p1	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	debian	debian_linux	3.0	Yes
Operating System	mandrakesoft	mandrake_linux	9.2	Yes
Operating System	mandrakesoft	mandrake_linux	9.2	Yes
Operating System	mandrakesoft	mandrake_linux	10.0	Yes
Operating System	mandrakesoft	mandrake_linux	10.0	Yes
Operating System	mandrakesoft	mandrake_linux	10.1	Yes
Operating System	mandrakesoft	mandrake_linux	10.1	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	2.1	Yes
Operating System	mandrakesoft	mandrake_linux_corporate_server	2.1	Yes
Operating System	trustix	secure_linux	1.5	Yes
Operating System	trustix	secure_linux	2.0	Yes
Operating System	trustix	secure_linux	2.1	Yes
Operating System	trustix	secure_linux	2.2	Yes
Operating System	ubuntu	ubuntu_linux	4.1	Yes
Operating System	ubuntu	ubuntu_linux	4.1	Yes

References

http://lists.apple.com/archives/security-announce/2005/May/msg00001.html ([email protected])
http://marc.info/?l=bugtraq&m=110028877431192&w=2 ([email protected])
http://marc.info/?l=bugtraq&m=110598298225675&w=2 ([email protected])
http://www.debian.org/security/2004/dsa-596 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2004:133 ([email protected])
http://www.securityfocus.com/bid/11668 Patch, Vendor Advisory ([email protected])
http://www.sudo.ws/sudo/alerts/bash_functions.html ([email protected])
http://www.trustix.org/errata/2004/0061/ ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/18055 ([email protected])
https://www.ubuntu.com/usn/usn-28-1/ ([email protected])
http://lists.apple.com/archives/security-announce/2005/May/msg00001.html (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=110028877431192&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=110598298225675&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2004/dsa-596 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2004:133 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/11668 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.sudo.ws/sudo/alerts/bash_functions.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2004/0061/ (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18055 (af854a3a-2127-422b-91ae-364da2661108)
https://www.ubuntu.com/usn/usn-28-1/ (af854a3a-2127-422b-91ae-364da2661108)