Sudo VISudo Insecure Temporary File Creation Vulnerability

Bugtraq ID: 13171
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: Apr 14 2005 12:00AM
Updated: Apr 14 2005 12:00AM
Credit: Discovery of this issue is credited to Imran Ghory <imranghory@gmail.com>.
Vulnerable: Todd Miller Sudo 1.6.8 p8
+ OpenPKG OpenPKG 2.4
+ OpenPKG OpenPKG Current
+ Red Hat Fedora Core4
Todd Miller Sudo 1.6.8 p1
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ OpenPKG OpenPKG 2.2
+ OpenPKG OpenPKG Current
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.7 p5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.1
+ Red Hat Fedora Core3
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5 p2
+ NetBSD NetBSD 1.5.2
+ OpenBSD OpenBSD 3.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Todd Miller Sudo 1.6.5 p1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.4 p2
Todd Miller Sudo 1.6.4 p1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
Todd Miller Sudo 1.6.4
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
Todd Miller Sudo 1.6.3 p7
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Slackware Linux 8.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Todd Miller Sudo 1.6.3 p6
+ Guardian Digital Engarde Secure Linux 1.0.1
+ Guardian Digital Engarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 alpha
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 7.0
Todd Miller Sudo 1.6.3 p5
Todd Miller Sudo 1.6.3 p4
+ Slackware Linux 7.1
Todd Miller Sudo 1.6.3 p3
Todd Miller Sudo 1.6.3 p2
Todd Miller Sudo 1.6.3 p1
Todd Miller Sudo 1.6.3
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
Todd Miller Sudo 1.6.2
- Debian Linux 2.2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.5.9
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.6
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus