CVE-2010-1163

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.

Published: Apr 16, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-1163
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
todd_miller / sudo	1.6.9_p18	1.6.9_p18.x
todd_miller / sudo	1.7.2p4	1.7.2p4.x
todd_miller / sudo	1.6.8_p7	1.6.8_p7.x
todd_miller / sudo	1.7.0	1.7.0.x
todd_miller / sudo	1.6.9_p22	1.6.9_p22.x
todd_miller / sudo	1.6.8_p12	1.6.8_p12.x
todd_miller / sudo	1.7.1	1.7.1.x
todd_miller / sudo	1.7.2p2	1.7.2p2.x
todd_miller / sudo	1.6.8	1.6.8.x
todd_miller / sudo	1.6.8_p9	1.6.8_p9.x
todd_miller / sudo	1.7.2p1	1.7.2p1.x
todd_miller / sudo	1.7.2p3	1.7.2p3.x
todd_miller / sudo	1.6.8_p1	1.6.8_p1.x
todd_miller / sudo	1.6.9_p21	1.6.9_p21.x
todd_miller / sudo	1.6.9_p19	1.6.9_p19.x
todd_miller / sudo	1.6.9_p17	1.6.9_p17.x
todd_miller / sudo	1.6.9_p20	1.6.9_p20.x
todd_miller / sudo	1.6.8p7	1.6.8p7.x
todd_miller / sudo	1.6.8_p5	1.6.8_p5.x
todd_miller / sudo	1.6.8_p8	1.6.8_p8.x
todd_miller / sudo	1.6.8_p2	1.6.8_p2.x

Vulnerability Database

289,697

CVE-2010-1163