var-200503-0061
Vulnerability from variot
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. A restricted command execution bypass vulnerability affects GratiSoft's Sudo application. This issue is due to a design error that causes the application to fail to properly sanitize user-supplied environment variables. An attacker with sudo privileges may leverage this issue to execute commands that are explicitly disallowed. This may facilitate privileges escalation and certainly leads to a false sense of security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200503-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.6,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.3,
"vendor": "trustix",
"version": "2.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.3,
"vendor": "trustix",
"version": "1.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.5.8"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "3.0"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p6"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "9.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.8_p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.5_p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p2"
},
{
"model": "mandrake multi network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.5.9"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.5"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.4_p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.4_p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.5.6"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.0"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.5_p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.5.7"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "1.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia32",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.7"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.6"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo p7",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p6",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p5",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p4",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p3",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.2"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6.1"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.6"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.5.9"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.5.8"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.5.7"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.3,
"vendor": "todd",
"version": "1.5.6"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "linux i686",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.0"
},
{
"model": "linux mandrake amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "9.2"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.0"
},
{
"model": "sudo p2",
"scope": "ne",
"trust": 0.3,
"vendor": "gratisoft",
"version": "1.6.8"
}
],
"sources": [
{
"db": "BID",
"id": "11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this issue is credited to Liam Helmer.",
"sources": [
{
"db": "BID",
"id": "11668"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
}
],
"trust": 0.9
},
"cve": "CVE-2004-1051",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2004-1051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-9481",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1051",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2004-1051",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200503-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9481",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9481"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sudo before 1.6.8p2 allows local users to execute arbitrary commands by using \"()\" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program\u0027s full pathname. A restricted command execution bypass vulnerability affects GratiSoft\u0027s Sudo application. This issue is due to a design error that causes the application to fail to properly sanitize user-supplied environment variables. \nAn attacker with sudo privileges may leverage this issue to execute commands that are explicitly disallowed. This may facilitate privileges escalation and certainly leads to a false sense of security",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1051"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "BID",
"id": "11668"
},
{
"db": "VULHUB",
"id": "VHN-9481"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11668",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2004-1051",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1012224",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006",
"trust": 0.7
},
{
"db": "DEBIAN",
"id": "DSA-596",
"trust": 0.6
},
{
"db": "XF",
"id": "18055",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-28-1",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20041112 SUDO VERSION 1.6.8P2 NOW AVAILABLE (FWD)",
"trust": 0.6
},
{
"db": "TRUSTIX",
"id": "2004-0061",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2005-05-03",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2004:133",
"trust": 0.6
},
{
"db": "OPENPKG",
"id": "OPENPKG-SA-2005.002",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9481",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9481"
},
{
"db": "BID",
"id": "11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"id": "VAR-200503-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9481"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:10:52.620000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "sudo",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/data/sudo.html"
},
{
"title": "TLSA-2005-17",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2005/TLSA-2005-17.txt"
},
{
"title": "TLSA-2005-17",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-17j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/11668"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2005/may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2004/dsa-596"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:133"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"trust": 1.1,
"url": "https://www.ubuntu.com/usn/usn-28-1/"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1051"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1051"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/nov/1012224.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/18055"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110598298225675\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110073149111410\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=110028877431192\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.courtesan.com/sudo/alerts/bash_functions.html"
},
{
"trust": 0.3,
"url": "http://www.courtesan.com/sudo/sudo.html"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110028877431192\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=110598298225675\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9481"
},
{
"db": "BID",
"id": "11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9481"
},
{
"db": "BID",
"id": "11668"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-03-01T00:00:00",
"db": "VULHUB",
"id": "VHN-9481"
},
{
"date": "2004-11-12T00:00:00",
"db": "BID",
"id": "11668"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"date": "2005-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"date": "2005-03-01T05:00:00",
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9481"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11668"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000488"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200503-006"
},
{
"date": "2017-07-11T01:30:41.310000",
"db": "NVD",
"id": "CVE-2004-1051"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "11668"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GratiSoft Sudo Restricted Command Execution Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "11668"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "11668"
},
{
"db": "CNNVD",
"id": "CNNVD-200503-006"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.