FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-1163

This CVE name corresponds to:

Entered     Topic
2010-04-15  sudo -- Privilege escalation with sudoedit

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type   Candidate
Name   CVE-2010-1163
Phase  Assigned (20100329)

Description

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.
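The precondition the description hinges on is a PATH that includes the current working directory, either as an explicit "." entry or as an empty component (a leading, trailing or doubled colon), since that is what lets a file in the cwd shadow a sudoers pseudo-command such as sudoedit. The following POSIX sh audit script is an added example, not part of the VuXML record or of sudo's own code; it walks a PATH string component by component and flags any entry that is resolved relative to the cwd, which also covers relative entries like "bin". The function names (path_has_cwd_entry, list_cwd_entries, audit_path) are this example's own.

```shell
#!/bin/sh
# Added example (not from the VuXML record or sudo): audit a PATH value for
# components that resolve against the current working directory, which is
# the condition CVE-2010-1163 requires. Absolute entries are the only safe ones.

# Return 0 (true) if any component of the given PATH is cwd-relative.
path_has_cwd_entry() {
    _p="$1"
    # An entirely empty PATH is searched as cwd-only, so treat it as unsafe.
    [ -z "$_p" ] && return 0
    # Append a trailing colon so the last component is processed like the rest.
    _rest="$_p:"
    while [ -n "$_rest" ]; do
        _comp="${_rest%%:*}"   # text before the first colon
        _rest="${_rest#*:}"    # everything after it
        case "$_comp" in
            /*) ;;             # absolute directory: fine
            *)  return 0 ;;    # "", ".", "./x" or "bin": all resolve in the cwd
        esac
    done
    return 1
}

# Print every cwd-relative component, one per line; empty ones are shown as <empty>.
list_cwd_entries() {
    _rest="$1:"
    while [ -n "$_rest" ]; do
        _comp="${_rest%%:*}"
        _rest="${_rest#*:}"
        case "$_comp" in
            /*) ;;
            '') echo "<empty>" ;;
            *)  echo "$_comp" ;;
        esac
    done
}

# Human-readable verdict for a PATH value; exit status 1 when it is unsafe.
audit_path() {
    if path_has_cwd_entry "$1"; then
        echo "WARNING: PATH has current-directory entries:"
        list_cwd_entries "$1" | sed 's/^/  /'
        return 1
    fi
    echo "OK: every PATH entry is an absolute directory"
    return 0
}

# Constructed sample values showing both verdicts.
audit_path "/usr/bin:/bin:."
audit_path "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Finally check the PATH this shell is actually running with.
audit_path "$PATH"
```

Run it as a normal user before relying on sudoers pseudo-commands; a non-zero exit means the environment still allows a cwd lookup, and the fix is to remove the offending entries (and, for the versions listed above, update sudo).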

References

Source Reference
BUGTRAQ 20100420 Re: sudoedit local privilege escalation through PATH manipulation
BUGTRAQ 20100422 Re: sudoedit local privilege escalation through PATH manipulation
BUGTRAQ 20100419 sudoedit local privilege escalation through PATH manipulation
BUGTRAQ 20101027 rPSA-2010-0075-1 sudo
CONFIRM http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html
CONFIRM http://wiki.rpath.com/Advisories:rPSA-2010-0075
FEDORA FEDORA-2010-6756
MANDRIVA MDVSA-2010:078
REDHAT RHSA-2010:0361
SLACKWARE SSA:2010-110-01
SUSE SUSE-SR:2011:002
UBUNTU USN-928-1
BID 39468
OSVDB 63878
OVAL oval:org.mitre.oval:def:9382
SECUNIA 39384
SECUNIA 39474
SECUNIA 39543
SECUNIA 39399
SECUNIA 43068
VUPEN ADV-2010-0881
VUPEN ADV-2010-0895
VUPEN ADV-2010-0949
VUPEN ADV-2010-0956
VUPEN ADV-2010-1019
VUPEN ADV-2010-0904
VUPEN ADV-2011-0212
XF sudo-sudoefit-privilege-escalation(57836)