cve-2010-1646
Vulnerability from cvelistv5
Published
2010-06-07 14:00
Modified
2024-08-07 01:28
Severity ?
Summary
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secalert@redhat.comhttp://secunia.com/advisories/40002Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/40188
secalert@redhat.comhttp://secunia.com/advisories/40215
secalert@redhat.comhttp://secunia.com/advisories/40508
secalert@redhat.comhttp://secunia.com/advisories/43068
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-201009-03.xml
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2010-0075
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2062
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:118
secalert@redhat.comhttp://www.osvdb.org/65083
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0475.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/514489/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/40538
secalert@redhat.comhttp://www.securitytracker.com/id?1024101
secalert@redhat.comhttp://www.sudo.ws/repos/sudo/rev/3057fde43cf0Exploit, Patch
secalert@redhat.comhttp://www.sudo.ws/repos/sudo/rev/a09c6812eaecExploit, Patch
secalert@redhat.comhttp://www.sudo.ws/sudo/alerts/secure_path.htmlVendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1452
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1478
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1518
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1519
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/0212
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=598154
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40002Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40188
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40215
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40508
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201009-03.xml
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2010-0075
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2062
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:118
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/65083
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0475.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/514489/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/40538
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1024101
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/repos/sudo/rev/3057fde43cf0Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/repos/sudo/rev/a09c6812eaecExploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/sudo/alerts/secure_path.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1452
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1478
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1518
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1519
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=598154
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T01:28:41.583Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "65083",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/65083",
               },
               {
                  name: "FEDORA-2010-9417",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html",
               },
               {
                  name: "43068",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/43068",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.sudo.ws/sudo/alerts/secure_path.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.sudo.ws/repos/sudo/rev/3057fde43cf0",
               },
               {
                  name: "oval:org.mitre.oval:def:10580",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580",
               },
               {
                  name: "MDVSA-2010:118",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:118",
               },
               {
                  name: "ADV-2011-0212",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0212",
               },
               {
                  name: "40188",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40188",
               },
               {
                  name: "40002",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40002",
               },
               {
                  name: "40215",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40215",
               },
               {
                  name: "20101027 rPSA-2010-0075-1 sudo",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/514489/100/0/threaded",
               },
               {
                  name: "1024101",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1024101",
               },
               {
                  name: "40538",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/40538",
               },
               {
                  name: "FEDORA-2010-9415",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.sudo.ws/repos/sudo/rev/a09c6812eaec",
               },
               {
                  name: "SUSE-SR:2011:002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
               },
               {
                  name: "DSA-2062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2010/dsa-2062",
               },
               {
                  name: "FEDORA-2010-9402",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://wiki.rpath.com/Advisories:rPSA-2010-0075",
               },
               {
                  name: "GLSA-201009-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-201009-03.xml",
               },
               {
                  name: "ADV-2010-1478",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1478",
               },
               {
                  name: "RHSA-2010:0475",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2010-0475.html",
               },
               {
                  name: "oval:org.mitre.oval:def:7338",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338",
               },
               {
                  name: "40508",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40508",
               },
               {
                  name: "ADV-2010-1518",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1518",
               },
               {
                  name: "ADV-2010-1519",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1519",
               },
               {
                  name: "ADV-2010-1452",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1452",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=598154",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2010-06-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-10T18:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "65083",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/65083",
            },
            {
               name: "FEDORA-2010-9417",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html",
            },
            {
               name: "43068",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/43068",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.sudo.ws/sudo/alerts/secure_path.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.sudo.ws/repos/sudo/rev/3057fde43cf0",
            },
            {
               name: "oval:org.mitre.oval:def:10580",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580",
            },
            {
               name: "MDVSA-2010:118",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:118",
            },
            {
               name: "ADV-2011-0212",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0212",
            },
            {
               name: "40188",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40188",
            },
            {
               name: "40002",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40002",
            },
            {
               name: "40215",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40215",
            },
            {
               name: "20101027 rPSA-2010-0075-1 sudo",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/514489/100/0/threaded",
            },
            {
               name: "1024101",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1024101",
            },
            {
               name: "40538",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/40538",
            },
            {
               name: "FEDORA-2010-9415",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.sudo.ws/repos/sudo/rev/a09c6812eaec",
            },
            {
               name: "SUSE-SR:2011:002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
            },
            {
               name: "DSA-2062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2010/dsa-2062",
            },
            {
               name: "FEDORA-2010-9402",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://wiki.rpath.com/Advisories:rPSA-2010-0075",
            },
            {
               name: "GLSA-201009-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-201009-03.xml",
            },
            {
               name: "ADV-2010-1478",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1478",
            },
            {
               name: "RHSA-2010:0475",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2010-0475.html",
            },
            {
               name: "oval:org.mitre.oval:def:7338",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338",
            },
            {
               name: "40508",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40508",
            },
            {
               name: "ADV-2010-1518",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1518",
            },
            {
               name: "ADV-2010-1519",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1519",
            },
            {
               name: "ADV-2010-1452",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1452",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=598154",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2010-1646",
      datePublished: "2010-06-07T14:00:00",
      dateReserved: "2010-04-29T00:00:00",
      dateUpdated: "2024-08-07T01:28:41.583Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2010-1646\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-06-07T17:12:48.123\",\"lastModified\":\"2024-11-21T01:14:52.780\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.\"},{\"lang\":\"es\",\"value\":\"La funcionalidad de ruta de acceso segura en env.c en sudo v1.3.1 a v1.6.9p22 y v1.7.0 a v1.7.2p6 no controla correctamente un entorno que contenga múltiples variables PATH, lo que podría permitir a usuarios locales conseguir privilegios a través de un valor debidamente modificado de la última variable de entorno PATH.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":6.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7FE987-2B49-4FD5-A5A0-35129D4E60C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976B5923-1BCC-4DE6-A904-930DD833B937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5452DF1-0270-452D-90EB-45E9A084B94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFD12E6-F92E-4371-ADA7-BCD41E4C9014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE57443E-CFAA-4023-B2B0-FA0B660D7643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D6343C1-FBC8-43E7-A8DA-EB240B958015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF4CB38-4033-46A1-9155-DC348261CAEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67FDF4FB-06FA-4A10-A3CF-F52169BC8072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6848519-57E8-4636-BE10-A0AF06787B20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A458EA77-772C-4641-A08A-5733FA386974\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57B7415D-FE7F-4F67-8384-016BD6044015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09429504-327B-44B3-A651-E933EADA0300\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7889BA46-0FAA-4D62-B2BB-B895060F5585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FD9DD4-A6D0-40F4-9A8E-8E0017BE349C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B02CEAA5-8409-42AF-A4AE-58D9D16F007F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5DFC86C-7743-4F27-BC10-170F04C23D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.4p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A3E4716-6D11-46DD-9378-3C733BBDCD8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55799ECB-CEB1-4839-8053-4C1F071D1526\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2170CFD0-2594-45FB-B68F-0A75114F00A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.5p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F99CB6-E185-4CE0-9E43-C5AE9017717B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.5p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2F6F9C6-85B6-450F-9165-B23C2BF83EBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"294FC65B-4225-475A-B49A-758823CEDECD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6156B085-AA17-458C-AED1-D658275E43B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147D459A-A9F2-46EF-A413-BABDBA854CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59310EB2-D33B-408E-87DA-31769211A3E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23B0A74-F3D6-4993-B69C-72A3DE828E33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32CE5850-4B1D-41E0-AAAE-EE2F5C1BC14A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85AA3DDA-BEC4-422D-8542-3FF5C6F5FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6419309-385F-4525-AD4B-C73B1A3ED935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BED4713-FC6E-4AC7-B100-8344AF4E2D2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81B76073-DEA4-4D62-A9FD-07D3306CCCD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1DD679B-25C5-4A78-8004-F073403E4431\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F95437FF-83F7-443B-9F25-8BE81884C595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"821B0A1A-707F-4F4A-A110-3C808C275B14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D735BC1-3E87-4286-9F7D-3181064FF2C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B570E525-A024-4D41-9600-1134433786DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C00A0AF-985D-4046-893B-FE96F21C7B91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB9772A9-0C70-4539-A7B8-51288D0E1B9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"758916CE-80D8-442E-AAE0-A128FCD69046\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCE213B0-7046-4813-8E63-D767A8E1E0C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3604EC-3109-41AF-9068-60C639557BEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE103608-6BCB-4EC0-8EB1-110A80829592\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FFE8FBC-9182-49CC-B151-EE39FA4176F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF1CF6EE-3926-4A2A-BD09-84C0AA025C02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05E8BBC5-1D4A-47F8-AEC6-0A4C22E09AC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D741DD28-B32B-4A4D-8D73-5F2E2B17B142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"553C9803-F6E7-491D-AD16-9809AD010DF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2B05317-F43C-4F0A-8A15-6B6CD1413E7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF164040-2392-4E37-B9D3-5634322C908C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5D94302-8A20-4678-8B54-E448ED34674D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72FC2554-57A2-44D2-B3B0-F4781B4087D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA72389-8D02-4827-9AC1-594DF3815F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CE457DB-D4F9-4F7D-8D52-2D226F288A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91A84956-0A2C-48F8-964B-3C3CE1F4B304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0869E8D1-4345-4373-AE39-541A818296FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89DFC1E9-730F-49A5-A351-9140B89BBCBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"521E83C8-F708-493B-9CFF-80747700B783\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1949F9F8-2267-48FF-88DA-4E7F57AFB740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F9EF929-C19F-488C-ACCA-57C712C8F72E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FD54E9C-3E81-4CB0-843E-A31F55DCB7A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B218C163-E5E3-482F-BDBD-C55E55163416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F03EF9C-D90D-425E-AC35-8DD02B7C03F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC8D478-8554-4947-926A-8B1B27DD122D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64435258-4639-438E-825F-E6AA82D41745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643ABD1F-83E1-4B71-AA59-8CF8B4018A46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8967DE4C-3D41-4BCE-97B0-469FCFBCE332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C0D8CB9-3156-4F7F-A616-59EF530540D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C91B0A-44B6-4B33-A0ED-295C56D97546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07945224-A955-4A33-B54B-11D128FCA0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F70C45-9522-4F49-A5B9-62E03410F03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FEF4FBB-E045-43CE-A9F9-3FF7F9FE3400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68372F8A-9AFD-45DE-A9B8-4CDF3154E349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77DC6C6B-4585-401D-B02E-E70E6157DBC2\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/40002\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/40188\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/40215\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/40508\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201009-03.xml\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2010-0075\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2062\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:118\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/65083\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0475.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/514489/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/40538\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1024101\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/3057fde43cf0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/a09c6812eaec\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.sudo.ws/sudo/alerts/secure_path.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1452\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1478\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1518\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1519\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=598154\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/40188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43068\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201009-03.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2010-0075\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/65083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0475.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/514489/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/40538\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024101\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/3057fde43cf0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/a09c6812eaec\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.sudo.ws/sudo/alerts/secure_path.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1452\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1478\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=598154\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.