Vulnerability-Lookup

CVE-2010-0426 (GCVE-0-2010-0426)

Vulnerability from cvelistv5 – Published: 2010-02-24 18:00 – Updated: 2024-08-07 00:45

Summary

sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://secunia.com/advisories/38803	third-party-advisoryx_refsource_SECUNIA
	ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz	x_refsource_CONFIRM
	http://sudo.ws/repos/sudo/rev/88f3181692fe	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.gentoo.org/security/en/glsa/glsa-20100…	vendor-advisoryx_refsource_GENTOO
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/38762	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2010/dsa-2006	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/39399	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/38362	vdb-entryx_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.securityfocus.com/archive/1/514489/100…	mailing-listx_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/USN-905-1	vendor-advisoryx_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.vupen.com/english/advisories/2010/0949	vdb-entryx_refsource_VUPEN
	http://sudo.ws/bugs/show_bug.cgi?id=389	x_refsource_CONFIRM
	http://wiki.rpath.com/Advisories:rPSA-2010-0075	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0450	vdb-entryx_refsource_VUPEN
	http://www.sudo.ws/sudo/stable.html	x_refsource_CONFIRM
	http://secunia.com/advisories/38659	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/38795	third-party-advisoryx_refsource_SECUNIA
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737	x_refsource_MISC
	http://www.linuxquestions.org/questions/linux-sec…	x_refsource_MISC
	http://secunia.com/advisories/38915	third-party-advisoryx_refsource_SECUNIA
	http://sudo.ws/repos/sudo/rev/f86e1b56d074	x_refsource_CONFIRM
	http://securitytracker.com/id?1023658	vdb-entryx_refsource_SECTRACK
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.329Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38803",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38803"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
          },
          {
            "name": "oval:org.mitre.oval:def:7238",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
          },
          {
            "name": "GLSA-201003-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
          },
          {
            "name": "MDVSA-2010:049",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
          },
          {
            "name": "FEDORA-2010-6701",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
          },
          {
            "name": "38762",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38762"
          },
          {
            "name": "DSA-2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2006"
          },
          {
            "name": "39399",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39399"
          },
          {
            "name": "38362",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38362"
          },
          {
            "name": "FEDORA-2010-6749",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
          },
          {
            "name": "20101027 rPSA-2010-0075-1 sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "USN-905-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-905-1"
          },
          {
            "name": "oval:org.mitre.oval:def:10814",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
          },
          {
            "name": "SUSE-SR:2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "name": "ADV-2010-0949",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0949"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "ADV-2010-0450",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/stable.html"
          },
          {
            "name": "38659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38659"
          },
          {
            "name": "38795",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38795"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
          },
          {
            "name": "38915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
          },
          {
            "name": "1023658",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023658"
          },
          {
            "name": "SSA:2010-110-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "38803",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38803"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
        },
        {
          "name": "oval:org.mitre.oval:def:7238",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
        },
        {
          "name": "GLSA-201003-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
        },
        {
          "name": "MDVSA-2010:049",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
        },
        {
          "name": "FEDORA-2010-6701",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
        },
        {
          "name": "38762",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38762"
        },
        {
          "name": "DSA-2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2006"
        },
        {
          "name": "39399",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39399"
        },
        {
          "name": "38362",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38362"
        },
        {
          "name": "FEDORA-2010-6749",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
        },
        {
          "name": "20101027 rPSA-2010-0075-1 sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
        },
        {
          "name": "USN-905-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-905-1"
        },
        {
          "name": "oval:org.mitre.oval:def:10814",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
        },
        {
          "name": "SUSE-SR:2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
        },
        {
          "name": "ADV-2010-0949",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0949"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
        },
        {
          "name": "ADV-2010-0450",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/stable.html"
        },
        {
          "name": "38659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38659"
        },
        {
          "name": "38795",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38795"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
        },
        {
          "name": "38915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
        },
        {
          "name": "1023658",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023658"
        },
        {
          "name": "SSA:2010-110-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-0426",
    "datePublished": "2010-02-24T18:00:00.000Z",
    "dateReserved": "2010-01-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T00:45:12.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

FKIE_CVE-2010-0426

Vulnerability from fkie_nvd - Published: 2010-02-24 18:30 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz	Patch
secalert@redhat.com	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
secalert@redhat.com	http://secunia.com/advisories/38659	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/38762
secalert@redhat.com	http://secunia.com/advisories/38795
secalert@redhat.com	http://secunia.com/advisories/38803
secalert@redhat.com	http://secunia.com/advisories/38915
secalert@redhat.com	http://secunia.com/advisories/39399
secalert@redhat.com	http://securitytracker.com/id?1023658
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
secalert@redhat.com	http://sudo.ws/bugs/show_bug.cgi?id=389
secalert@redhat.com	http://sudo.ws/repos/sudo/rev/88f3181692fe
secalert@redhat.com	http://sudo.ws/repos/sudo/rev/f86e1b56d074
secalert@redhat.com	http://wiki.rpath.com/Advisories:rPSA-2010-0075
secalert@redhat.com	http://www.debian.org/security/2010/dsa-2006
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml
secalert@redhat.com	http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2010:049
secalert@redhat.com	http://www.securityfocus.com/archive/1/514489/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/38362	Patch
secalert@redhat.com	http://www.sudo.ws/sudo/stable.html	Patch
secalert@redhat.com	http://www.ubuntu.com/usn/USN-905-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/0450	Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/0949
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz	Patch
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38659	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38762
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38795
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38803
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38915
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/39399
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023658
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
af854a3a-2127-422b-91ae-364da2661108	http://sudo.ws/bugs/show_bug.cgi?id=389
af854a3a-2127-422b-91ae-364da2661108	http://sudo.ws/repos/sudo/rev/88f3181692fe
af854a3a-2127-422b-91ae-364da2661108	http://sudo.ws/repos/sudo/rev/f86e1b56d074
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/Advisories:rPSA-2010-0075
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2010/dsa-2006
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2010:049
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/514489/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38362	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.sudo.ws/sudo/stable.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-905-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0450	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0949
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238

Impacted products

Vendor	Product	Version
todd_miller	sudo	1.6
todd_miller	sudo	1.6.1
todd_miller	sudo	1.6.2
todd_miller	sudo	1.6.3
todd_miller	sudo	1.6.3_p1
todd_miller	sudo	1.6.3_p2
todd_miller	sudo	1.6.3_p3
todd_miller	sudo	1.6.3_p4
todd_miller	sudo	1.6.3_p5
todd_miller	sudo	1.6.3_p6
todd_miller	sudo	1.6.3_p7
todd_miller	sudo	1.6.4_p1
todd_miller	sudo	1.6.4_p2
todd_miller	sudo	1.6.5_p1
todd_miller	sudo	1.6.5_p2
todd_miller	sudo	1.6.7_p5
todd_miller	sudo	1.6.8_p1
todd_miller	sudo	1.6.8_p2
todd_miller	sudo	1.6.8_p5
todd_miller	sudo	1.6.8_p7
todd_miller	sudo	1.6.8_p8
todd_miller	sudo	1.6.8_p9
todd_miller	sudo	1.6.8_p12
todd_miller	sudo	1.6.9_p17
todd_miller	sudo	1.6.9_p18
todd_miller	sudo	1.6.9_p19
todd_miller	sudo	1.7.0
todd_miller	sudo	1.7.1
todd_miller	sudo	1.7.2
todd_miller	sudo	1.7.2p1
todd_miller	sudo	1.7.2p2
todd_miller	sudo	1.7.2p3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B29018-B495-482A-8FF7-66821A178F9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "38718561-70C7-4E0D-9313-87A5E82ED338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D057064A-9B34-4224-97BA-4D5840A92BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C297DC-69B1-4BE6-A5EF-D320BD0CA968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4C1FFB-F6AA-4DED-9C54-DCB274F59A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*",
              "matchCriteriaId": "338A92AC-92D2-40BF-9FAC-884AF6F74D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5170421-BA0C-4365-9CD6-BD232EA08680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5909AAA4-4AF9-4D23-87C5-5D7787909B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C07744-CAE8-44C6-965E-2A09BAE1F36C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B17E0E59-C928-49AB-BAA7-4AE638B376D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C898BE7-506D-49DA-8619-F86C7A9FE902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F7E821-2908-47F1-9665-E9D68ECC242F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90D0AB4-F8A8-4301-99B5-757254FA999A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79C7098-37D0-4E6E-A22C-3C771D81956F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7D2832-B654-406E-AA34-B3BD1D6F0A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5688D95-89EF-4D2E-9728-2316CAC3CBE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B69E49B2-1B3C-4434-ACF1-CF4F519E3C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B2C299-5D0B-44DA-91FD-4B1146BE9A7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*",
              "matchCriteriaId": "471284F9-21EF-4ED6-860F-AB86154CCDF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C91FEB5-CEF5-4C66-A8D2-AE80EA32B10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*",
              "matchCriteriaId": "E106EBA5-14B3-48F7-BE00-9F0ABD57C33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "643ABD1F-83E1-4B71-AA59-8CF8B4018A46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8967DE4C-3D41-4BCE-97B0-469FCFBCE332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D8CB9-3156-4F7F-A616-59EF530540D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C91B0A-44B6-4B33-A0ED-295C56D97546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07945224-A955-4A33-B54B-11D128FCA0F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F70C45-9522-4F49-A5B9-62E03410F03E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory."
    },
    {
      "lang": "es",
      "value": "sudo v1.6.x anterior a v1.6.9p21 y v1.7.x anterior a v1.7.2p4, cuando un pseudo-comando est\u00e1 activado, permite la coincidencia entre el nombre del pseudo-comando y el nombre de un archivo ejecutable en un directorio cualquiera, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de un archivo ejecutable manipulado, como se ha demostrado mediante el archivo sudoedit en el directorio home de un usuario."
    }
  ],
  "id": "CVE-2010-0426",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-02-24T18:30:00.627",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38659"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/38762"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/38795"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/38803"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/38915"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/39399"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1023658"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38362"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.sudo.ws/sudo/stable.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-905-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0450"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0949"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38762"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38803"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/38362"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.sudo.ws/sudo/stable.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-905-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "This issue was addressed in Red Hat Enterprise Linux 5 via: https://rhn.redhat.com/errata/RHSA-2010-0122.html\n\nIt did not affect the versions of the sudo package as shipped with Red Hat Enterprise Linux 3 and 4.",
      "lastModified": "2010-03-02T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-0426

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-0426

Aliases

CVE-2010-0426

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-0426",
    "description": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory.",
    "id": "GSD-2010-0426",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-0426.html",
      "https://www.debian.org/security/2010/dsa-2006",
      "https://access.redhat.com/errata/RHSA-2010:0122",
      "https://linux.oracle.com/cve/CVE-2010-0426.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-0426"
      ],
      "details": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory.",
      "id": "GSD-2010-0426",
      "modified": "2023-12-13T01:21:28.791467Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2010-0426",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "name": "http://secunia.com/advisories/38915",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/38915"
          },
          {
            "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0075",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/514489/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
          },
          {
            "name": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz",
            "refsource": "MISC",
            "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
          },
          {
            "name": "http://secunia.com/advisories/38762",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/38762"
          },
          {
            "name": "http://secunia.com/advisories/38795",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/38795"
          },
          {
            "name": "http://secunia.com/advisories/38803",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/38803"
          },
          {
            "name": "http://securitytracker.com/id?1023658",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1023658"
          },
          {
            "name": "http://www.debian.org/security/2010/dsa-2006",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2010/dsa-2006"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-905-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-905-1"
          },
          {
            "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737",
            "refsource": "MISC",
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
          },
          {
            "name": "http://secunia.com/advisories/38659",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/38659"
          },
          {
            "name": "http://secunia.com/advisories/39399",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/39399"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
          },
          {
            "name": "http://sudo.ws/bugs/show_bug.cgi?id=389",
            "refsource": "MISC",
            "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
          },
          {
            "name": "http://sudo.ws/repos/sudo/rev/88f3181692fe",
            "refsource": "MISC",
            "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
          },
          {
            "name": "http://sudo.ws/repos/sudo/rev/f86e1b56d074",
            "refsource": "MISC",
            "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
          },
          {
            "name": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/",
            "refsource": "MISC",
            "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
          },
          {
            "name": "http://www.securityfocus.com/bid/38362",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/38362"
          },
          {
            "name": "http://www.sudo.ws/sudo/stable.html",
            "refsource": "MISC",
            "url": "http://www.sudo.ws/sudo/stable.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/0450",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/0450"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/0949",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/0949"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-0426"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz"
            },
            {
              "name": "http://www.sudo.ws/sudo/stable.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.sudo.ws/sudo/stable.html"
            },
            {
              "name": "http://sudo.ws/repos/sudo/rev/88f3181692fe",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
            },
            {
              "name": "ADV-2010-0450",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0450"
            },
            {
              "name": "38362",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/38362"
            },
            {
              "name": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737",
              "refsource": "MISC",
              "tags": [],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
            },
            {
              "name": "38659",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/38659"
            },
            {
              "name": "http://sudo.ws/repos/sudo/rev/f86e1b56d074",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
            },
            {
              "name": "http://sudo.ws/bugs/show_bug.cgi?id=389",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
            },
            {
              "name": "SUSE-SR:2010:006",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
            },
            {
              "name": "38915",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/38915"
            },
            {
              "name": "38795",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/38795"
            },
            {
              "name": "USN-905-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-905-1"
            },
            {
              "name": "MDVSA-2010:049",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
            },
            {
              "name": "1023658",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1023658"
            },
            {
              "name": "38803",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/38803"
            },
            {
              "name": "GLSA-201003-01",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
            },
            {
              "name": "39399",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/39399"
            },
            {
              "name": "SSA:2010-110-01",
              "refsource": "SLACKWARE",
              "tags": [],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
            },
            {
              "name": "ADV-2010-0949",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/0949"
            },
            {
              "name": "FEDORA-2010-6749",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
            },
            {
              "name": "FEDORA-2010-6701",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
            },
            {
              "name": "DSA-2006",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2010/dsa-2006"
            },
            {
              "name": "38762",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/38762"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0075",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
            },
            {
              "name": "oval:org.mitre.oval:def:7238",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
            },
            {
              "name": "oval:org.mitre.oval:def:10814",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
            },
            {
              "name": "20101027 rPSA-2010-0075-1 sudo",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-10T19:52Z",
      "publishedDate": "2010-02-24T18:30Z"
    }
  }
}

CERTFR-2014-AVI-480

Vulnerability from certfr_avis - Published: 2014-11-13 - Updated: 2014-11-13

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	CTPOS versions antérieures à 6.6R2
ESET	Security	Juniper Security Threat Response Manager versions 2012.1, 2013.1, 2013.2
Juniper Networks	N/A	CTPView versions 4.2, 4.3, 4.4, 4.5, 4.6
Juniper Networks	Junos Space	Junos Space jusqu'à la version 13.3
Juniper Networks	Secure Analytics	Juniper Secure Analytics versions 2013.2, 2014.1, 2014.2
ESET	Security	Network and Security Manager (NSM) version 2012.2

References

Title

Publication Time

GHSA-9J25-F2WW-M5PF

Vulnerability from github – Published: 2022-05-03 03:21 – Updated: 2022-05-03 03:21

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-0426"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-02-24T18:30:00Z",
    "severity": "MODERATE"
  },
  "details": "sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user\u0027s home directory.",
  "id": "GHSA-9j25-f2ww-m5pf",
  "modified": "2022-05-03T03:21:21Z",
  "published": "2022-05-03T03:21:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0426"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38659"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38762"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38795"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38803"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38915"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/39399"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1023658"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.577019"
    },
    {
      "type": "WEB",
      "url": "http://sudo.ws/bugs/show_bug.cgi?id=389"
    },
    {
      "type": "WEB",
      "url": "http://sudo.ws/repos/sudo/rev/88f3181692fe"
    },
    {
      "type": "WEB",
      "url": "http://sudo.ws/repos/sudo/rev/f86e1b56d074"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2010/dsa-2006"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:049"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38362"
    },
    {
      "type": "WEB",
      "url": "http://www.sudo.ws/sudo/stable.html"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-905-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0450"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0949"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-0426 (GCVE-0-2010-0426)

FKIE_CVE-2010-0426

GSD-2010-0426

CERTFR-2014-AVI-480

Solution

GHSA-9J25-F2WW-M5PF

Tags

Sightings

Nomenclature