CVE-2005-1993

Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.

Published: Jun 20, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1993
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.7
AV:L/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
todd_miller / sudo	1.5.8	1.5.8.x
todd_miller / sudo	1.6.3_p6	1.6.3_p6.x
todd_miller / sudo	1.3.1	1.3.1.x
todd_miller / sudo	1.5.9	1.5.9.x
todd_miller / sudo	1.6.6	1.6.6.x
todd_miller / sudo	1.6.8_p7	1.6.8_p7.x
todd_miller / sudo	1.6.3	1.6.3.x
todd_miller / sudo	1.6.4_p2	1.6.4_p2.x
todd_miller / sudo	1.6.1	1.6.1.x
todd_miller / sudo	1.6.3_p5	1.6.3_p5.x
todd_miller / sudo	1.5.7	1.5.7.x
todd_miller / sudo	1.6.2	1.6.2.x
todd_miller / sudo	1.6.8	1.6.8.x
todd_miller / sudo	1.6.4_p1	1.6.4_p1.x
todd_miller / sudo	1.6.3_p2	1.6.3_p2.x
todd_miller / sudo	1.6.3_p4	1.6.3_p4.x
todd_miller / sudo	1.6.5_p2	1.6.5_p2.x
todd_miller / sudo	1.6.5	1.6.5.x
todd_miller / sudo	1.6.3_p3	1.6.3_p3.x
todd_miller / sudo	1.6.8_p1	1.6.8_p1.x
todd_miller / sudo	1.6.5_p1	1.6.5_p1.x
todd_miller / sudo	1.6.3_p7	1.6.3_p7.x
todd_miller / sudo	1.6	1.6.x
todd_miller / sudo	1.6.4	1.6.4.x
todd_miller / sudo	1.6.7	1.6.7.x
todd_miller / sudo	1.6.8_p8	1.6.8_p8.x
todd_miller / sudo	1.6.3_p1	1.6.3_p1.x
todd_miller / sudo	1.5.6	1.5.6.x
todd_miller / sudo	1.6.7_p5	1.6.7_p5.x

Vulnerability Database

289,689

CVE-2005-1993