CVE-2010-1646

MEDIUM

Description

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

References

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://secunia.com/advisories/40002

http://secunia.com/advisories/40188

http://secunia.com/advisories/40215

http://secunia.com/advisories/40508

http://secunia.com/advisories/43068

http://security.gentoo.org/glsa/glsa-201009-03.xml

http://wiki.rpath.com/Advisories:rPSA-2010-0075

http://www.debian.org/security/2010/dsa-2062

http://www.mandriva.com/security/advisories?name=MDVSA-2010:118

http://www.osvdb.org/65083

http://www.redhat.com/support/errata/RHSA-2010-0475.html

http://www.securityfocus.com/archive/1/514489/100/0/threaded

http://www.securityfocus.com/bid/40538

http://www.securitytracker.com/id?1024101

http://www.sudo.ws/repos/sudo/rev/3057fde43cf0

http://www.sudo.ws/repos/sudo/rev/a09c6812eaec

http://www.sudo.ws/sudo/alerts/secure_path.html

http://www.vupen.com/english/advisories/2010/1452

http://www.vupen.com/english/advisories/2010/1478

http://www.vupen.com/english/advisories/2010/1518

http://www.vupen.com/english/advisories/2010/1519

http://www.vupen.com/english/advisories/2011/0212

https://bugzilla.redhat.com/show_bug.cgi?id=598154

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338

Details

Source: MITRE

Published: 2010-06-07

Updated: 2018-10-10

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6.2

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 1.9

Severity: MEDIUM