fkie_cve-2010-1163
Vulnerability from fkie_nvd
Published
2010-04-16 19:30
Modified
2025-04-11 00:51
Severity ?
Summary
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secalert@redhat.comhttp://secunia.com/advisories/39384Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/39399
secalert@redhat.comhttp://secunia.com/advisories/39474Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/39543
secalert@redhat.comhttp://secunia.com/advisories/43068
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2010-0075
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:078
secalert@redhat.comhttp://www.osvdb.org/63878
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2010-0361.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/510827/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/510846/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/510880/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/514489/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/39468
secalert@redhat.comhttp://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-928-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0881Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0895Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0904
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0949
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/0956
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1019
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/0212
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/57836
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39384Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39399
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39474Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39543
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43068
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2010-0075
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2010:078
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/63878
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0361.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/510827/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/510846/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/510880/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/514489/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/39468
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-928-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0881Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0895Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0904
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0949
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0956
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1019
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0212
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/57836
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382
Impacted products
Vendor Product Version
todd_miller sudo 1.6.8
todd_miller sudo 1.6.8_p1
todd_miller sudo 1.6.8_p2
todd_miller sudo 1.6.8_p5
todd_miller sudo 1.6.8_p7
todd_miller sudo 1.6.8_p8
todd_miller sudo 1.6.8_p9
todd_miller sudo 1.6.8_p12
todd_miller sudo 1.6.8p7
todd_miller sudo 1.6.9_p17
todd_miller sudo 1.6.9_p18
todd_miller sudo 1.6.9_p19
todd_miller sudo 1.6.9_p20
todd_miller sudo 1.6.9_p21
todd_miller sudo 1.6.9_p22
todd_miller sudo 1.7.0
todd_miller sudo 1.7.1
todd_miller sudo 1.7.2p1
todd_miller sudo 1.7.2p2
todd_miller sudo 1.7.2p3
todd_miller sudo 1.7.2p4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F7E821-2908-47F1-9665-E9D68ECC242F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90D0AB4-F8A8-4301-99B5-757254FA999A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79C7098-37D0-4E6E-A22C-3C771D81956F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D2832-B654-406E-AA34-B3BD1D6F0A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5688D95-89EF-4D2E-9728-2316CAC3CBE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B69E49B2-1B3C-4434-ACF1-CF4F519E3C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B2C299-5D0B-44DA-91FD-4B1146BE9A7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B570E525-A024-4D41-9600-1134433786DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*",
              "matchCriteriaId": "471284F9-21EF-4ED6-860F-AB86154CCDF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C91FEB5-CEF5-4C66-A8D2-AE80EA32B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*",
              "matchCriteriaId": "E106EBA5-14B3-48F7-BE00-9F0ABD57C33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p20:*:*:*:*:*:*:*",
              "matchCriteriaId": "215B0725-5314-49E6-8A96-2106860F4304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p21:*:*:*:*:*:*:*",
              "matchCriteriaId": "E35B5C93-D197-4ADE-88F3-679311B083B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p22:*:*:*:*:*:*:*",
              "matchCriteriaId": "99854E9D-4D84-44D9-AB68-175A3048EA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "643ABD1F-83E1-4B71-AA59-8CF8B4018A46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8967DE4C-3D41-4BCE-97B0-469FCFBCE332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C91B0A-44B6-4B33-A0ED-295C56D97546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07945224-A955-4A33-B54B-11D128FCA0F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F70C45-9522-4F49-A5B9-62E03410F03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for \".\", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426."
    },
    {
      "lang": "es",
      "value": "El comando de funcionalidad matching en sudo v1.6.8 hasta v1.7.2p5 no maneja adecuadamente cuando un fichero en el directorio actual de trabajo tiene el mismo nombre que un pseudo-comando en el archivo dudoers y que contiene en la ruta una entrada para \".\", lo que permite a usuarios locales ejecutar comandos de su elecci\u00f3n a trav\u00e9s de un troyano ejecutable, como ha sido demostrado usando sudoedit, una vulnerabilidad diferente que CVE-2010-0426."
    }
  ],
  "id": "CVE-2010-1163",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-04-16T19:30:00.523",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39384"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39399"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39474"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39543"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:078"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/63878"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0361.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/510827/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/510846/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/510880/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/39468"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-928-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0881"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0895"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0904"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0949"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0956"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/1019"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57836"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/63878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0361.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/510827/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/510846/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/510880/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/39468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-928-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0895"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.