Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
todd miller sudo 1.6.8p7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1831
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, s...
Todd Miller Sudo 1.6.8p7
NA
CVE-2010-1163
The command matching functionality in sudo 1.6.8 up to and including 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users ...
Todd Miller Sudo 1.6.9 P18
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.9 P22
Todd Miller Sudo 1.6.8 P12
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P9
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.9 P21
Todd Miller Sudo 1.6.9 P19
Todd Miller Sudo 1.6.9 P17
Todd Miller Sudo 1.6.9 P20
Todd Miller Sudo 1.6.8p7
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.6.8 P8
Todd Miller Sudo 1.6.8 P2
NA
CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 up to and including 1.6.9p22 and 1.7.0 up to and including 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH v...
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.9p1
Todd Miller Sudo 1.6.8p1
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.3.1
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.9p14
Todd Miller Sudo 1.6.9p17
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.8p5
Todd Miller Sudo 1.6.7p3
Todd Miller Sudo 1.6.8p8
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.8p2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.9p15
Todd Miller Sudo 1.6.7p1
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.7.2p2
NA
CVE-2011-0008
A certain Fedora patch for parse.c in sudo prior to 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudo...
Todd Miller Sudo
Todd Miller Sudo 1.3.1
Todd Miller Sudo 1.5
Todd Miller Sudo 1.5.2
Todd Miller Sudo 1.5.3
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.2p1
Todd Miller Sudo 1.6.2p2
Todd Miller Sudo 1.6.2p3
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3 P6
NA
CVE-2005-2959
Incomplete blacklist vulnerability in sudo 1.6.8 and previous versions allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3p3
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.3p2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.6.4p1
Todd Miller Sudo 1.6.5p2
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.3p4
Todd Miller Sudo 1.6.3p6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started