Vulnerabilities > CVE-2005-1119 - Unspecified vulnerability in Todd Miller Sudo

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

NVD

Published: 2005-05-02

Updated: 2008-09-05

Summary

Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files.

Part	Description	Count
Application	Todd_Miller Todd Miller Sudo 1.5.6 Todd Miller Sudo 1.5.7 Todd Miller Sudo 1.5.8 Todd Miller Sudo 1.5.9 Todd Miller Sudo 1.6 Todd Miller Sudo 1.6.1 Todd Miller Sudo 1.6.2 Todd Miller Sudo 1.6.3 Todd Miller Sudo 1.6.3_P1 Todd Miller Sudo 1.6.3_P2 Todd Miller Sudo 1.6.3_P3 Todd Miller Sudo 1.6.3_P4 Todd Miller Sudo 1.6.3_P5 Todd Miller Sudo 1.6.3_P6 Todd Miller Sudo 1.6.3_P7 Todd Miller Sudo 1.6.4 Todd Miller Sudo 1.6.4_P1 Todd Miller Sudo 1.6.4_P2 Todd Miller Sudo 1.6.5 Todd Miller Sudo 1.6.5_P1 Todd Miller Sudo 1.6.5_P2 Todd Miller Sudo 1.6.6 Todd Miller Sudo 1.6.7 Todd Miller Sudo 1.6.7_P5 Todd Miller Sudo 1.6.8 Todd Miller Sudo 1.6.8_P1 Todd Miller Sudo 1.6.8_P8	27

contributor	Mark J Cox
lastmodified	2006-08-30
organization	Red Hat
statement	We do not consider this a security issue, the bug can only manifest if the software is invoked on a sudoers file that is contained in a world writable directory.