The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Sudo | Todd_miller | 1.3.1 (including) | 1.3.1 (including) |
Sudo | Todd_miller | 1.6 (including) | 1.6 (including) |
Sudo | Todd_miller | 1.6.1 (including) | 1.6.1 (including) |
Sudo | Todd_miller | 1.6.2 (including) | 1.6.2 (including) |
Sudo | Todd_miller | 1.6.2p1 (including) | 1.6.2p1 (including) |
Sudo | Todd_miller | 1.6.2p2 (including) | 1.6.2p2 (including) |
Sudo | Todd_miller | 1.6.2p3 (including) | 1.6.2p3 (including) |
Sudo | Todd_miller | 1.6.3 (including) | 1.6.3 (including) |
Sudo | Todd_miller | 1.6.3p1 (including) | 1.6.3p1 (including) |
Sudo | Todd_miller | 1.6.3p2 (including) | 1.6.3p2 (including) |
Sudo | Todd_miller | 1.6.3p3 (including) | 1.6.3p3 (including) |
Sudo | Todd_miller | 1.6.3p4 (including) | 1.6.3p4 (including) |
Sudo | Todd_miller | 1.6.3p5 (including) | 1.6.3p5 (including) |
Sudo | Todd_miller | 1.6.3p6 (including) | 1.6.3p6 (including) |
Sudo | Todd_miller | 1.6.3p7 (including) | 1.6.3p7 (including) |
Sudo | Todd_miller | 1.6.4 (including) | 1.6.4 (including) |
Sudo | Todd_miller | 1.6.4p1 (including) | 1.6.4p1 (including) |
Sudo | Todd_miller | 1.6.4p2 (including) | 1.6.4p2 (including) |
Sudo | Todd_miller | 1.6.5 (including) | 1.6.5 (including) |
Sudo | Todd_miller | 1.6.5p1 (including) | 1.6.5p1 (including) |
Sudo | Todd_miller | 1.6.5p2 (including) | 1.6.5p2 (including) |
Sudo | Todd_miller | 1.6.6 (including) | 1.6.6 (including) |
Sudo | Todd_miller | 1.6.7 (including) | 1.6.7 (including) |
Sudo | Todd_miller | 1.6.7p1 (including) | 1.6.7p1 (including) |
Sudo | Todd_miller | 1.6.7p2 (including) | 1.6.7p2 (including) |
Sudo | Todd_miller | 1.6.7p3 (including) | 1.6.7p3 (including) |
Sudo | Todd_miller | 1.6.7p4 (including) | 1.6.7p4 (including) |
Sudo | Todd_miller | 1.6.7p5 (including) | 1.6.7p5 (including) |
Sudo | Todd_miller | 1.6.8 (including) | 1.6.8 (including) |
Sudo | Todd_miller | 1.6.8p1 (including) | 1.6.8p1 (including) |
Sudo | Todd_miller | 1.6.8p2 (including) | 1.6.8p2 (including) |
Sudo | Todd_miller | 1.6.8p3 (including) | 1.6.8p3 (including) |
Sudo | Todd_miller | 1.6.8p4 (including) | 1.6.8p4 (including) |
Sudo | Todd_miller | 1.6.8p5 (including) | 1.6.8p5 (including) |
Sudo | Todd_miller | 1.6.8p6 (including) | 1.6.8p6 (including) |
Sudo | Todd_miller | 1.6.8p7 (including) | 1.6.8p7 (including) |
Sudo | Todd_miller | 1.6.8p8 (including) | 1.6.8p8 (including) |
Sudo | Todd_miller | 1.6.8p9 (including) | 1.6.8p9 (including) |
Sudo | Todd_miller | 1.6.8p10 (including) | 1.6.8p10 (including) |
Sudo | Todd_miller | 1.6.8p11 (including) | 1.6.8p11 (including) |
Sudo | Todd_miller | 1.6.8p12 (including) | 1.6.8p12 (including) |
Sudo | Todd_miller | 1.6.9 (including) | 1.6.9 (including) |
Sudo | Todd_miller | 1.6.9p1 (including) | 1.6.9p1 (including) |
Sudo | Todd_miller | 1.6.9p2 (including) | 1.6.9p2 (including) |
Sudo | Todd_miller | 1.6.9p3 (including) | 1.6.9p3 (including) |
Sudo | Todd_miller | 1.6.9p4 (including) | 1.6.9p4 (including) |
Sudo | Todd_miller | 1.6.9p5 (including) | 1.6.9p5 (including) |
Sudo | Todd_miller | 1.6.9p6 (including) | 1.6.9p6 (including) |
Sudo | Todd_miller | 1.6.9p7 (including) | 1.6.9p7 (including) |
Sudo | Todd_miller | 1.6.9p8 (including) | 1.6.9p8 (including) |
Sudo | Todd_miller | 1.6.9p9 (including) | 1.6.9p9 (including) |
Sudo | Todd_miller | 1.6.9p10 (including) | 1.6.9p10 (including) |
Sudo | Todd_miller | 1.6.9p11 (including) | 1.6.9p11 (including) |
Sudo | Todd_miller | 1.6.9p12 (including) | 1.6.9p12 (including) |
Sudo | Todd_miller | 1.6.9p13 (including) | 1.6.9p13 (including) |
Sudo | Todd_miller | 1.6.9p14 (including) | 1.6.9p14 (including) |
Sudo | Todd_miller | 1.6.9p15 (including) | 1.6.9p15 (including) |
Sudo | Todd_miller | 1.6.9p16 (including) | 1.6.9p16 (including) |
Sudo | Todd_miller | 1.6.9p17 (including) | 1.6.9p17 (including) |
Sudo | Todd_miller | 1.6.9p18 (including) | 1.6.9p18 (including) |
Sudo | Todd_miller | 1.6.9p19 (including) | 1.6.9p19 (including) |
Sudo | Todd_miller | 1.6.9p20 (including) | 1.6.9p20 (including) |
Sudo | Todd_miller | 1.6.9p21 (including) | 1.6.9p21 (including) |
Sudo | Todd_miller | 1.6.9p22 (including) | 1.6.9p22 (including) |
Sudo | Todd_miller | 1.7.0 (including) | 1.7.0 (including) |
Sudo | Todd_miller | 1.7.1 (including) | 1.7.1 (including) |
Sudo | Todd_miller | 1.7.2 (including) | 1.7.2 (including) |
Sudo | Todd_miller | 1.7.2p1 (including) | 1.7.2p1 (including) |
Sudo | Todd_miller | 1.7.2p2 (including) | 1.7.2p2 (including) |
Sudo | Todd_miller | 1.7.2p3 (including) | 1.7.2p3 (including) |
Sudo | Todd_miller | 1.7.2p4 (including) | 1.7.2p4 (including) |
Sudo | Todd_miller | 1.7.2p5 (including) | 1.7.2p5 (including) |
Sudo | Todd_miller | 1.7.2p6 (including) | 1.7.2p6 (including) |
Sudo | Todd_miller | 1.7.2p7 (including) | 1.7.2p7 (including) |
Red Hat Enterprise Linux 5 | RedHat | sudo-0:1.7.2p1-7.el5_5 | * |
Sudo | Ubuntu | dapper | * |
Sudo | Ubuntu | devel | * |
Sudo | Ubuntu | hardy | * |
Sudo | Ubuntu | jaunty | * |
Sudo | Ubuntu | karmic | * |
Sudo | Ubuntu | lucid | * |
Sudo | Ubuntu | upstream | * |