Vulnerability CVE-2002-0043

Vulnerability Name:

CVE-2002-0043 (CCN-7891)

Assigned:

2002-01-14

Published:

2002-01-14

Updated:

2018-05-03

Summary:

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.

CVSS v3 Severity:

9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Gain Privileges

References:

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-02:06
sudo port may enable local privilege escalation

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-02:06

Source: CCN
Type: BugTraq Mailing List, Mon Jan 14 2002 - 09:49:51 CST
Sudo version 1.6.4 now available (fwd)

Source: CCN
Type: BugTraq Mailing List, Tue Jan 15 2002 - 22:44:58 CST
Sudo +Postfix Exploit

Source: MITRE
Type: CNA
CVE-2002-0043

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:451

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:451
sudo

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2002:003

Source: BUGTRAQ
Type: UNKNOWN
20020116 Sudo +Postfix Exploit

Source: CCN
Type: RHSA-2002-011
Updated sudo packages are available

Source: CCN
Type: RHSA-2002-013
Updated sudo package is available

Source: DEBIAN
Type: UNKNOWN
DSA-101

Source: DEBIAN
Type: DSA-101
sudo -- Local root exploit

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20020114-001
sudo

Source: SUSE
Type: UNKNOWN
SuSE-SA:2002:002

Source: CCN
Type: OSVDB ID: 2025
sudo Unclean Environment Variable Root Program Execution

Source: REDHAT
Type: UNKNOWN
RHSA-2002:011

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2002:013

Source: IMMUNIX
Type: UNKNOWN
IMNX-2002-70-001-01

Source: BUGTRAQ
Type: Vendor Advisory
20020114 Sudo version 1.6.4 now available (fwd)

Source: BID
Type: UNKNOWN
3871

Source: CCN
Type: BID-3871
Sudo Unclean Environment Variable Root Program Execution Vulnerability

Source: MISC
Type: UNKNOWN
http://www.sudo.ws/sudo/alerts/postfix.html

Source: CCN
Type: Sudo Web site
Index of /sudo/dist

Source: XF
Type: UNKNOWN
sudo-unclean-env-root(7891)

Source: XF
Type: UNKNOWN
sudo-unclean-env-root(7891)

Vulnerable Configuration:

Configuration 1:

cpe:/a:todd_miller:sudo:1.6:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*

OR cpe:/a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*