CVE-2010-1646

Severity

62%

Complexity

19%

Confidentiality

165%

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

CVSS 2.0 Base Score 6.2. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:C/I:C/A:C).

Overview

Type

Todd Miller Sudo

First reported 14 years ago

2010-06-07 17:12:00

Last updated 6 years ago

2018-10-10 19:57:00

Affected Software

Todd Miller Sudo 1.6

1.6

Todd Miller Sudo 1.6.1

1.6.1

Todd Miller Sudo 1.6.2

1.6.2

Todd Miller Sudo 1.6.2p3

1.6.2p3

Todd Miller Sudo 1.6.3

1.6.3

Todd Miller Sudo 1.6.4

1.6.4

Todd Miller Sudo 1.6.4p2

1.6.4p2

Todd Miller Sudo 1.6.5

1.6.5

Todd Miller Sudo 1.6.6

1.6.6

Todd Miller Sudo 1.6.7

1.6.7

Todd Miller Sudo 1.6.7p5

1.6.7p5

Todd Miller Sudo 1.6.8

1.6.8

Todd Miller Sudo 1.6.8p12

1.6.8p12

Todd Miller Sudo 1.6.9

1.6.9

Todd Miller Sudo 1.6.9p20

1.6.9p20

Todd Miller Sudo 1.6.9p21

1.6.9p21

Todd Miller Sudo 1.6.9p22

1.6.9p22

Todd Miller Sudo 1.7.0

1.7.0

Todd Miller Sudo 1.7.1

1.7.1

Todd Miller Sudo 1.7.2

1.7.2

Todd Miller Sudo 1.7.2p1

1.7.2p1

Todd Miller Sudo 1.7.2p2

1.7.2p2

Todd Miller Sudo 1.7.2p3

1.7.2p3

Todd Miller Sudo 1.7.2p4

1.7.2p4

Todd Miller Sudo 1.7.2p5

1.7.2p5

Todd Miller Sudo 1.7.2p6

1.7.2p6

Todd Miller Sudo 1.7.2p7

1.7.2p7

References

FEDORA-2010-9402

FEDORA-2010-9417

FEDORA-2010-9415

SUSE-SR:2011:002

40002

Vendor Advisory

40188

40215

40508

43068

GLSA-201009-03

http://wiki.rpath.com/Advisories:rPSA-2010-0075

DSA-2062

MDVSA-2010:118

65083

RHSA-2010:0475

20101027 rPSA-2010-0075-1 sudo

40538

1024101

http://www.sudo.ws/repos/sudo/rev/3057fde43cf0

Exploit, Patch

http://www.sudo.ws/repos/sudo/rev/a09c6812eaec

Exploit, Patch

http://www.sudo.ws/sudo/alerts/secure_path.html

Vendor Advisory

ADV-2010-1452

ADV-2010-1478

ADV-2010-1518

ADV-2010-1519

ADV-2011-0212

https://bugzilla.redhat.com/show_bug.cgi?id=598154

oval:org.mitre.oval:def:10580

oval:org.mitre.oval:def:7338

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.