3.7
CVE-2005-1993
- EPSS 0.4%
- Veröffentlicht 20.06.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:14:02
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Todd Miller ≫ Sudo Version1.3.1
Todd Miller ≫ Sudo Version1.5.6
Todd Miller ≫ Sudo Version1.5.7
Todd Miller ≫ Sudo Version1.5.8
Todd Miller ≫ Sudo Version1.5.9
Todd Miller ≫ Sudo Version1.6
Todd Miller ≫ Sudo Version1.6.1
Todd Miller ≫ Sudo Version1.6.2
Todd Miller ≫ Sudo Version1.6.3
Todd Miller ≫ Sudo Version1.6.3_p1
Todd Miller ≫ Sudo Version1.6.3_p2
Todd Miller ≫ Sudo Version1.6.3_p3
Todd Miller ≫ Sudo Version1.6.3_p4
Todd Miller ≫ Sudo Version1.6.3_p5
Todd Miller ≫ Sudo Version1.6.3_p6
Todd Miller ≫ Sudo Version1.6.3_p7
Todd Miller ≫ Sudo Version1.6.4
Todd Miller ≫ Sudo Version1.6.4_p1
Todd Miller ≫ Sudo Version1.6.4_p2
Todd Miller ≫ Sudo Version1.6.5
Todd Miller ≫ Sudo Version1.6.5_p1
Todd Miller ≫ Sudo Version1.6.5_p2
Todd Miller ≫ Sudo Version1.6.6
Todd Miller ≫ Sudo Version1.6.7
Todd Miller ≫ Sudo Version1.6.7_p5
Todd Miller ≫ Sudo Version1.6.8
Todd Miller ≫ Sudo Version1.6.8_p1
Todd Miller ≫ Sudo Version1.6.8_p7
Todd Miller ≫ Sudo Version1.6.8_p8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.313 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.7 | 1.9 | 6.4 |
AV:L/AC:H/Au:N/C:P/I:P/A:P
|
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
http://docs.info.apple.com/article.html?artnum=302847
http://secunia.com/advisories/15744
http://secunia.com/advisories/17813
http://www.debian.org/security/2005/dsa-735
http://www.osvdb.org/17396
http://www.redhat.com/support/errata/RHSA-2005-535.html
http://www.securityfocus.com/archive/1/402741
http://www.securityfocus.com/archive/1/425974/100/0/threaded
http://www.securityfocus.com/bid/13993
http://www.securityfocus.com/bid/15647
http://www.sudo.ws/sudo/alerts/path_race.html
http://www.vupen.com/english/advisories/2005/0821
http://www.vupen.com/english/advisories/2005/2659
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161116
https://exchange.xforce.ibmcloud.com/vulnerabilities/21080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1242