CVE-2004-1051

First published: Thu Nov 18 2004(Updated: )

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Todd Miller Sudo	=1.5.8
Todd Miller Sudo	=1.6.3_p6
Todd Miller Sudo	=1.5.9
Todd Miller Sudo	=1.6.6
Todd Miller Sudo	=1.6.3
Todd Miller Sudo	=1.6.4_p2
Todd Miller Sudo	=1.6.1
Todd Miller Sudo	=1.6.3_p5
Todd Miller Sudo	=1.5.7
Todd Miller Sudo	=1.6.2
Todd Miller Sudo	=1.6.8
Todd Miller Sudo	=1.6.4_p1
Todd Miller Sudo	=1.6.3_p2
Todd Miller Sudo	=1.6.3_p4
Todd Miller Sudo	=1.6.5_p2
Todd Miller Sudo	=1.6.5
Todd Miller Sudo	=1.6.3_p3
Todd Miller Sudo	=1.6.8_p1
Todd Miller Sudo	=1.6.5_p1
Todd Miller Sudo	=1.6.3_p7
Todd Miller Sudo	=1.6
Todd Miller Sudo	=1.6.4
Mandrakesoft Mandrake Multi Network Firewall	=8.2
Todd Miller Sudo	=1.6.7
Todd Miller Sudo	=1.6.3_p1
Todd Miller Sudo	=1.5.6
Trustix Secure Linux	=2.0
Mandrakesoft Mandrake Linux Corporate Server	=2.1
Debian Debian Linux	=3.0
Ubuntu Ubuntu Linux	=4.1
Debian Debian Linux	=3.0
Debian Debian Linux	=3.0
Mandrakesoft Mandrake Linux	=9.2
Debian Debian Linux	=3.0
Mandrakesoft Mandrake Linux	=10.1
Debian Debian Linux	=3.0
Debian Debian Linux	=3.0
Mandrakesoft Mandrake Linux	=9.2
Trustix Secure Linux	=1.5
Debian Debian Linux	=3.0
Debian Debian Linux	=3.0
Debian Debian Linux	=3.0
Debian Debian Linux	=3.0
Mandrakesoft Mandrake Linux	=10.0
Trustix Secure Linux	=2.1
Trustix Secure Linux	=2.2
Ubuntu Ubuntu Linux	=4.1
Debian Debian Linux	=3.0
Mandrakesoft Mandrake Linux Corporate Server	=2.1
Mandrakesoft Mandrake Linux	=10.0
Mandrakesoft Mandrake Linux	=10.1

Remedy

http://www.securityfocus.com/bid/11668

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/weakness
agent/references
agent/severity
agent/author
agent/type
agent/description
agent/event
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/remedy
agent/tags
collector/mitre-cve
source/MITRE
vendor/todd miller
canonical/todd miller sudo
version/todd miller sudo/1.5.8
version/todd miller sudo/1.6.3_p6
version/todd miller sudo/1.5.9
version/todd miller sudo/1.6.6
version/todd miller sudo/1.6.3
version/todd miller sudo/1.6.4_p2
version/todd miller sudo/1.6.1
version/todd miller sudo/1.6.3_p5
version/todd miller sudo/1.5.7
version/todd miller sudo/1.6.2
version/todd miller sudo/1.6.8
version/todd miller sudo/1.6.4_p1
version/todd miller sudo/1.6.3_p2
version/todd miller sudo/1.6.3_p4
version/todd miller sudo/1.6.5_p2
version/todd miller sudo/1.6.5
version/todd miller sudo/1.6.3_p3
version/todd miller sudo/1.6.8_p1
version/todd miller sudo/1.6.5_p1
version/todd miller sudo/1.6.3_p7
version/todd miller sudo/1.6
version/todd miller sudo/1.6.4
vendor/mandrakesoft
canonical/mandrakesoft mandrake multi network firewall
version/mandrakesoft mandrake multi network firewall/8.2
version/todd miller sudo/1.6.7
version/todd miller sudo/1.6.3_p1
version/todd miller sudo/1.5.6
vendor/trustix
canonical/trustix secure linux
version/trustix secure linux/2.0
canonical/mandrakesoft mandrake linux corporate server
version/mandrakesoft mandrake linux corporate server/2.1
vendor/debian
canonical/debian debian linux
version/debian debian linux/3.0
vendor/ubuntu
canonical/ubuntu ubuntu linux
version/ubuntu ubuntu linux/4.1
canonical/mandrakesoft mandrake linux
version/mandrakesoft mandrake linux/9.2
version/mandrakesoft mandrake linux/10.1
version/trustix secure linux/1.5
version/mandrakesoft mandrake linux/10.0
version/trustix secure linux/2.1
version/trustix secure linux/2.2

CVE-2004-1051

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact