CVE-1999-1496

Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.

Published: Jun 8, 1999
Updated: Apr 13, 2023
CVE: CVE-1999-1496
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
todd_miller / sudo	1.5	1.5.x
debian / debian_linux	2.1	2.1.x
redhat / linux	6.0	6.0.x

http://www.securityfocus.com/archive/1/14665
http://www.securityfocus.com/bid/321
https://exchange.xforce.ibmcloud.com/vulnerabilities/2277

Vulnerability Database

289,599

CVE-1999-1496