CVE-2004-1051
First published: Thu Nov 18 2004(Updated: )
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mandrakesoft Mandrake Multi Network Firewall | =8.2 | |
| Sudo | =1.5.6 | |
| Sudo | =1.5.7 | |
| Sudo | =1.5.8 | |
| Sudo | =1.5.9 | |
| Sudo | =1.6 | |
| Sudo | =1.6.1 | |
| Sudo | =1.6.2 | |
| Sudo | =1.6.3 | |
| Sudo | =1.6.3_p1 | |
| Sudo | =1.6.3_p2 | |
| Sudo | =1.6.3_p3 | |
| Sudo | =1.6.3_p4 | |
| Sudo | =1.6.3_p5 | |
| Sudo | =1.6.3_p6 | |
| Sudo | =1.6.3_p7 | |
| Sudo | =1.6.4 | |
| Sudo | =1.6.4_p1 | |
| Sudo | =1.6.4_p2 | |
| Sudo | =1.6.5 | |
| Sudo | =1.6.5_p1 | |
| Sudo | =1.6.5_p2 | |
| Sudo | =1.6.6 | |
| Sudo | =1.6.7 | |
| Sudo | =1.6.8 | |
| Sudo | =1.6.8_p1 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Debian | =3.0 | |
| Mandrake Linux | =9.2 | |
| Mandrake Linux | =9.2 | |
| Mandrake Linux | =10.0 | |
| Mandrake Linux | =10.0 | |
| Mandrake Linux | =10.1 | |
| Mandrake Linux | =10.1 | |
| Mandriva Linux Corporate Server | =2.1 | |
| Mandriva Linux Corporate Server | =2.1 | |
| Trustix Secure Linux | =1.5 | |
| Trustix Secure Linux | =2.0 | |
| Trustix Secure Linux | =2.1 | |
| Trustix Secure Linux | =2.2 | |
| Ubuntu Linux | =4.1 | |
| Ubuntu Linux | =4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/11668
- http://www.sudo.ws/sudo/alerts/bash_functions.html
- http://www.debian.org/security/2004/dsa-596
- http://www.trustix.org/errata/2004/0061/
- http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:133
- http://marc.info/?l=bugtraq&m=110598298225675&w=2
- http://marc.info/?l=bugtraq&m=110028877431192&w=2
- https://www.ubuntu.com/usn/usn-28-1/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18055
Frequently Asked Questions
What is the severity of CVE-2004-1051?
CVE-2004-1051 is classified as a high severity vulnerability due to its potential for local users to execute arbitrary commands.
How do I fix CVE-2004-1051?
To fix CVE-2004-1051, upgrade to a version of sudo that is 1.6.8p2 or later.
What versions of sudo are affected by CVE-2004-1051?
CVE-2004-1051 affects sudo versions prior to 1.6.8p2, including 1.5.6, 1.5.7, 1.5.8, and several 1.6.x versions.
How does CVE-2004-1051 enable arbitrary command execution?
CVE-2004-1051 allows command execution through the misuse of "()" style environment variables to create functions that can override existing commands.
Who is impacted by CVE-2004-1051?
Local users on systems running vulnerable versions of sudo are impacted by CVE-2004-1051.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/mandrakesoft
- canonical/mandrakesoft mandrake multi network firewall
- version/mandrakesoft mandrake multi network firewall/8.2
- vendor/todd miller
- canonical/sudo
- version/sudo/1.5.6
- version/sudo/1.5.7
- version/sudo/1.5.8
- version/sudo/1.5.9
- version/sudo/1.6
- version/sudo/1.6.1
- version/sudo/1.6.2
- version/sudo/1.6.3
- version/sudo/1.6.3_p1
- version/sudo/1.6.3_p2
- version/sudo/1.6.3_p3
- version/sudo/1.6.3_p4
- version/sudo/1.6.3_p5
- version/sudo/1.6.3_p6
- version/sudo/1.6.3_p7
- version/sudo/1.6.4
- version/sudo/1.6.4_p1
- version/sudo/1.6.4_p2
- version/sudo/1.6.5
- version/sudo/1.6.5_p1
- version/sudo/1.6.5_p2
- version/sudo/1.6.6
- version/sudo/1.6.7
- version/sudo/1.6.8
- version/sudo/1.6.8_p1
- vendor/debian
- canonical/debian
- version/debian/3.0
- canonical/mandrake linux
- version/mandrake linux/9.2
- version/mandrake linux/10.0
- version/mandrake linux/10.1
- canonical/mandriva linux corporate server
- version/mandriva linux corporate server/2.1
- vendor/trustix
- canonical/trustix secure linux
- version/trustix secure linux/1.5
- version/trustix secure linux/2.0
- version/trustix secure linux/2.1
- version/trustix secure linux/2.2
- vendor/ubuntu
- canonical/ubuntu linux
- version/ubuntu linux/4.1