Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
todd miller sudo 1.6.8p7 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2005-1831
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, s...
Todd Miller Sudo 1.6.8p7
6.9
CVSSv2
CVE-2010-1163
The command matching functionality in sudo 1.6.8 up to and including 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users ...
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.8 P12
Todd Miller Sudo 1.6.9 P17
Todd Miller Sudo 1.6.9 P18
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P9
Todd Miller Sudo 1.6.8p7
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.6.8 P2
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.6.9 P19
Todd Miller Sudo 1.6.9 P20
Todd Miller Sudo 1.6.9 P21
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.6.8 P8
Todd Miller Sudo 1.6.9 P22
Todd Miller Sudo 1.7.2p1
6.2
CVSSv2
CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 up to and including 1.6.9p22 and 1.7.0 up to and including 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH v...
Todd Miller Sudo 1.3.1
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.2p5
Todd Miller Sudo 1.7.2p6
Todd Miller Sudo 1.6.2p2
Todd Miller Sudo 1.6.2p3
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.7p1
Todd Miller Sudo 1.6.8p3
Todd Miller Sudo 1.6.8p4
Todd Miller Sudo 1.6.8p11
Todd Miller Sudo 1.6.8p12
Todd Miller Sudo 1.6.9p6
Todd Miller Sudo 1.6.9p7
Todd Miller Sudo 1.6.9p15
Todd Miller Sudo 1.6.9p16
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.6
4.6
CVSSv2
CVE-2005-2959
Incomplete blacklist vulnerability in sudo 1.6.8 and previous versions allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3p4
Todd Miller Sudo 1.6.3p5
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3p6
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.5p1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started