CVE-2002-0043
published 2002-01-31

Priority: P4 27 high
CVSS 2.0: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
EXPLOIT
EPSS: 0.94% (56.4th percentile)
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.

Affected

11 ranges
Vendor | Product | Version range | Fixed in
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo
todd_miller | sudo

CVSS provenance

nvd | v2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat | 7.2 | HIGH