CVE-2014-0106 (GCVE-0-2014-0106)
Vulnerability from cvelistv5
Published
2014-03-11 15:00
Modified
2024-08-06 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:05:38.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sudo.ws/sudo/alerts/env_add.html"
},
{
"name": "SUSE-SU-2014:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2146-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2146-1"
},
{
"name": "RHSA-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0266.html"
},
{
"name": "[oss-security] 20140305 sudo: security policy bypass when env_reset is disabled",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/03/06/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "65997",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-15T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sudo.ws/sudo/alerts/env_add.html"
},
{
"name": "SUSE-SU-2014:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2146-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2146-1"
},
{
"name": "RHSA-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0266.html"
},
{
"name": "[oss-security] 20140305 sudo: security policy bypass when env_reset is disabled",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/03/06/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "65997",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "http://www.sudo.ws/sudo/alerts/env_add.html",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/sudo/alerts/env_add.html"
},
{
"name": "SUSE-SU-2014:0475",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2146-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2146-1"
},
{
"name": "RHSA-2014:0266",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0266.html"
},
{
"name": "[oss-security] 20140305 sudo: security policy bypass when env_reset is disabled",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/06/2"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "65997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-0106",
"datePublished": "2014-03-11T15:00:00",
"dateReserved": "2013-12-03T00:00:00",
"dateUpdated": "2024-08-06T09:05:38.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-0106\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-03-11T19:37:03.240\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable.\"},{\"lang\":\"es\",\"value\":\"Sudo 1.6.9 anterior a 1.8.5, cuando env_reset est\u00e1 deshabilitada, no comprueba debidamente variables de entorno para la restricci\u00f3n env_delete, lo que permite a usuarios locales con permisos sudo evadir restricciones de comando a trav\u00e9s de una variable de entorno manipulada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:S/C:C/I:C/A:C\",\"baseScore\":6.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":2.7,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.10.4\",\"matchCriteriaId\":\"7883E465-932D-4C11-AA54-97E44181F906\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE103608-6BCB-4EC0-8EB1-110A80829592\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F03EF9C-D90D-425E-AC35-8DD02B7C03F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC8D478-8554-4947-926A-8B1B27DD122D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64435258-4639-438E-825F-E6AA82D41745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C33BC128-A782-465A-8AF0-860EBC8388EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643ABD1F-83E1-4B71-AA59-8CF8B4018A46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8967DE4C-3D41-4BCE-97B0-469FCFBCE332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C0D8CB9-3156-4F7F-A616-59EF530540D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C91B0A-44B6-4B33-A0ED-295C56D97546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07945224-A955-4A33-B54B-11D128FCA0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F70C45-9522-4F49-A5B9-62E03410F03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FEF4FBB-E045-43CE-A9F9-3FF7F9FE3400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68372F8A-9AFD-45DE-A9B8-4CDF3154E349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77DC6C6B-4585-401D-B02E-E70E6157DBC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55788B87-B41B-43F4-BA54-5208A4233500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"837DD56D-267D-4AAA-9DB3-4B42FAE6E10C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444B3D9E-51F6-4CED-9265-576DBDE40897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73FB7063-441C-445B-9C2E-BF92C8F3F43D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D4170A7-4824-4108-A8CA-988F0E3F3747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EB0CA9-CE51-4AA3-AF29-4F201EB1A45D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54614B98-E779-4FD9-ABF0-3ACA3F49921F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A84C0BBA-8C4F-457E-A45E-A4C4DB357B61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A22F86-72E8-42AE-BD52-BFF6498AB999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C585A90-21F0-4BCF-85A4-BF470F581CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B6FF76-F715-489B-8113-F9E00ADAD739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DD87C06-62F3-4A7B-B7C1-055C41B9A7C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E7BF14-597B-4C3F-A8CE-5359C047F9C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D329BB-490F-4903-93FC-E45AF6EAEE4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA124FE0-B4E7-4F2E-B611-25D9897C32B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"662FC083-721B-416B-A081-0C474D6764E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A426F146-45BD-4666-81C0-00B719206288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CBEB4E5-5B8D-4D01-A2A6-8BD6C39B39C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46C40A7E-2ED8-4D13-A381-A219CC6B1B15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7958DC3-1D59-47CB-A4C8-40EB675ED08A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"119AC9FA-3174-4982-A58F-D5F8FACC7411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF14E93E-29CA-4A30-966B-5D71A03A6B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E59EA28-3FED-4BBC-AEC6-BE60C3107494\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D576845C-2645-46E5-B6EE-C23FA80A44B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1AB508A-2DA7-4C06-945E-15D057E47DDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6908122E-6977-44EC-AF4F-5AF92ED08982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D5B642-2095-4343-A9C7-9922E5D14C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64150130-C4F5-4229-B492-D06AC7D5E119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B056EA61-D281-43F3-AD63-515D069E9209\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCE5D7D-D269-4A10-B3C0-C5177F30BD29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F57804C-633D-4A0C-AF73-21C0BFBEA715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2447F3-85CF-40F2-9472-B3775DE034DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5B06006-124F-4B11-BEC3-D0E5060FCB56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97FF463B-A0BE-4E14-B644-F42D5D5CAB9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2224F7BC-145F-4E06-AAD8-280AD42339CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"344BF379-17AF-4296-B0A7-947B09C1581B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1CA5CE6-F191-4FC2-AA36-562EB59E28F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0403E11-4280-49C2-9E38-E0524BC31768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B9393C-63FD-47EF-99F6-AF0186A248F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F2050DA-B737-437A-8BFA-76F0D4C41DCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91329D57-58F5-4159-B156-889D78B9935D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4548A6F5-EEB8-48BB-9653-9676FEBA63BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B53B8A-6EF1-42BE-90A0-90EE65FBD0F3\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0266.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/03/06/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/65997\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.sudo.ws/sudo/alerts/env_add.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2146-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0266.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/03/06/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/65997\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sudo.ws/sudo/alerts/env_add.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2146-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…