Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2010-1163

Published: 16/04/2010 Updated: 10/10/2018
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Sudo

Vulnerability Summary

The command matching functionality in sudo 1.6.8 up to and including 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

todd miller sudo 1.6.8_p1

todd miller sudo 1.6.8_p12

todd miller sudo 1.6.9_p17

todd miller sudo 1.6.9_p18

todd miller sudo 1.7.2p4

todd miller sudo 1.7.0

todd miller sudo 1.6.8

todd miller sudo 1.6.8_p9

todd miller sudo 1.6.8p7

todd miller sudo 1.7.2p2

todd miller sudo 1.7.2p3

todd miller sudo 1.6.8_p2

todd miller sudo 1.6.8_p5

todd miller sudo 1.6.9_p19

todd miller sudo 1.6.9_p20

todd miller sudo 1.6.9_p21

todd miller sudo 1.7.1

todd miller sudo 1.6.8_p7

todd miller sudo 1.6.8_p8

todd miller sudo 1.6.9_p22

todd miller sudo 1.7.2p1

Vendor Advisories

Red Hat: Moderate: sudo security update
Synopsis Moderate: sudo security update Type/Severity Security Advisory: Moderate Topic An updated sudo package that fixes one security issue is now available forRed Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulnerability Scor ...
Debian CVElist Bug Report Logs: CVE-2010-1163: incomplete fix for the sudoedit privilege escalation issue CVE-2010-0426
Debian Bug report logs - #578275 CVE-2010-1163: incomplete fix for the sudoedit privilege escalation issue CVE-2010-0426 Package: sudo; Maintainer for sudo is Bdale Garbee <bdale@gagcom>; Source for sudo is src:sudo (PTS, buildd, popcon) Reported by: Luciano Bello <luciano@debianorg> Date: Sun, 18 Apr 2010 15:21:01 ...
Debian CVElist Bug Report Logs: sudoedit permission in sudoers grants permission to any sudoedit executables
Debian Bug report logs - #570737 sudoedit permission in sudoers grants permission to any sudoedit executables Package: sudo; Maintainer for sudo is Bdale Garbee <bdale@gagcom>; Source for sudo is src:sudo (PTS, buildd, popcon) Reported by: neonsignal-debian@memepressorg Date: Sun, 21 Feb 2010 03:33:02 UTC Severity: grav ...
Cisco: Sudo sudoedit Local Command Privilege Escalation Vulnerability
Sudo contains a vulnerability that could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges This vulnerability exists due to an error in the affected software while matching commands due to incorrect path resolution A local attacker with privileges to run the sudoedit command could exploit this vulnerab ...

Exploits

Exploit DB: Sudo 1.7.2p5 Local Privilege Escalation
sudoedit as found in sudo versions 172p5 and below fails to verify the path of the executable and therefore allows for an easy to exploit local privilege escalation vulnerability ...

References

CWE-20http://secunia.com/advisories/39384http://www.securityfocus.com/bid/39468http://www.ubuntu.com/usn/USN-928-1http://secunia.com/advisories/39474http://www.vupen.com/english/advisories/2010/0881http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.htmlhttp://www.vupen.com/english/advisories/2010/0895http://www.redhat.com/support/errata/RHSA-2010-0361.htmlhttp://secunia.com/advisories/39543http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019http://www.mandriva.com/security/advisories?name=MDVSA-2010:078http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.htmlhttp://secunia.com/advisories/39399http://www.vupen.com/english/advisories/2010/0956http://www.vupen.com/english/advisories/2010/0949http://www.vupen.com/english/advisories/2010/1019http://www.vupen.com/english/advisories/2010/0904http://www.osvdb.org/63878http://wiki.rpath.com/Advisories:rPSA-2010-0075http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/43068http://www.vupen.com/english/advisories/2011/0212https://exchange.xforce.ibmcloud.com/vulnerabilities/57836https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382http://www.securityfocus.com/archive/1/514489/100/0/threadedhttp://www.securityfocus.com/archive/1/510880/100/0/threadedhttp://www.securityfocus.com/archive/1/510846/100/0/threadedhttp://www.securityfocus.com/archive/1/510827/100/0/threadedhttps://access.redhat.com/errata/RHSA-2010:0361https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20100419-CVE-2010-1163
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook