Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-4158

14 documents9 sources
Severity
4.6MEDIUM
EPSS
0.8%
top 25.53%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Todd Miller Sudo
Timeline
PublishedDec 11
Latest updateMay 1

Description

Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

Debiansudo< 1.6.8p12-1+3
NVDtodd_miller/sudo30 versions+29

Patches

Patch: secunia.comPatch: securitytracker.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-h6pw-5prw-wv25: Sudo before 12022-05-01
CVEList
CVE-2005-4158: Sudo before 12005-12-11
OSV
CVE-2005-4158: Sudo before 12005-12-11

💥Exploits & PoCs

3
Exploit-DB
Sudo 1.6.x - Environment Variable Handling Security Bypass (2)2006-01-09
Exploit-DB
Sudo 1.6.x - Environment Variable Handling Security Bypass (1)2006-01-09
Exploit-DB
Sudo Perl 1.6.x - Environment Variable Handling Security Bypass2005-11-11

📋Vendor Advisories

6
Ubuntu
sudo vulnerability2006-01-09
Ubuntu
sudo vulnerability2006-01-06
Debian
CVE-2005-4158: sudo - Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) P...2005
Red Hat
CVE-2004-1051 bash scripts run via Sudo can be subverted (CVE-2005-4158, CVE-2006-0151)2004-11-11
Red Hat
CVE-2004-1051 bash scripts run via Sudo can be subverted (CVE-2005-4158, CVE-2006-0151)2004-11-11

💬Community

1
Bugzilla
CVE-2004-1051 bash scripts run via Sudo can be subverted (CVE-2005-4158, CVE-2006-0151)2004-11-16
CVE-2005-4158 (MEDIUM CVSS 4.6) | Sudo before 1.6.8 p12 | cvebase.io