CVE-2004-1051
CVSS7.2
发布时间 :2005-03-01 00:00:00
修订时间 :2016-10-17 22:50:59
NMCOS    

[原文]sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.


[CNNVD]GratiSoft Sudo 受限命令执行绕过漏洞(CNNVD-200503-006)

        本地用户可以借助sudo 1.6.8p2之前版本,利用"()"样式环境变量创建与BASH脚本中任何程序同名的函数(即未使用程序的完整路径名),来执行任意命令。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64
cpe:/o:debian:debian_linux:3.0::ia-32
cpe:/o:trustix:secure_linux:1.5Trustix Secure Linux 1.5
cpe:/o:debian:debian_linux:3.0::ppc
cpe:/a:todd_miller:sudo:1.5.8
cpe:/a:todd_miller:sudo:1.5.9
cpe:/o:debian:debian_linux:3.0::hppa
cpe:/a:todd_miller:sudo:1.5.6
cpe:/a:todd_miller:sudo:1.5.7
cpe:/o:debian:debian_linux:3.0::sparc
cpe:/o:debian:debian_linux:3.0::s-390
cpe:/a:todd_miller:sudo:1.6.5_p1
cpe:/a:todd_miller:sudo:1.6.5_p2
cpe:/o:debian:debian_linux:3.0::arm
cpe:/o:debian:debian_linux:3.0::mipsel
cpe:/o:debian:debian_linux:3.0::mips
cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64
cpe:/a:todd_miller:sudo:1.6Todd Miller Sudo 1.6
cpe:/o:debian:debian_linux:3.0::alpha
cpe:/o:ubuntu:ubuntu_linux:4.1::ppc
cpe:/o:mandrakesoft:mandrake_linux:9.2MandrakeSoft Mandrake Linux 9.2
cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64
cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2MandrakeSoft Mandrake Multi Network Firewall 8.2
cpe:/o:mandrakesoft:mandrake_linux:10.1MandrakeSoft Mandrake Linux 10.1
cpe:/a:todd_miller:sudo:1.6.4_p2
cpe:/a:todd_miller:sudo:1.6.4_p1
cpe:/o:mandrakesoft:mandrake_linux:10.0MandrakeSoft Mandrake Linux 10.0
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64
cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1MandrakeSoft Mandrake Linux Corporate Server 2.1
cpe:/a:todd_miller:sudo:1.6.7Todd Miller Sudo 1.6.7
cpe:/o:trustix:secure_linux:2.2Trustix Secure Linux 2.2
cpe:/a:todd_miller:sudo:1.6.8Todd Miller Sudo 1.6.8
cpe:/a:todd_miller:sudo:1.6.5Todd Miller Sudo 1.6.5
cpe:/a:todd_miller:sudo:1.6.6Todd Miller Sudo 1.6.6
cpe:/o:trustix:secure_linux:2.1Trustix Secure Linux 2.1
cpe:/o:trustix:secure_linux:2.0Trustix Secure Linux 2.0
cpe:/o:debian:debian_linux:3.0::m68k
cpe:/o:ubuntu:ubuntu_linux:4.1::ia64
cpe:/a:todd_miller:sudo:1.6.3_p2
cpe:/a:todd_miller:sudo:1.6.3_p1
cpe:/a:todd_miller:sudo:1.6.3_p6
cpe:/a:todd_miller:sudo:1.6.8_p1
cpe:/a:todd_miller:sudo:1.6.3_p5
cpe:/a:todd_miller:sudo:1.6.3_p4
cpe:/a:todd_miller:sudo:1.6.3_p3
cpe:/a:todd_miller:sudo:1.6.3_p7Todd Miller Sudo 1.6.3 p7
cpe:/o:debian:debian_linux:3.0::ia-64
cpe:/a:todd_miller:sudo:1.6.3Todd Miller Sudo 1.6.3
cpe:/a:todd_miller:sudo:1.6.4Todd Miller Sudo 1.6.4
cpe:/a:todd_miller:sudo:1.6.1Todd Miller Sudo 1.6.1
cpe:/a:todd_miller:sudo:1.6.2Todd Miller Sudo 1.6.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1051
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200503-006
(官方数据源) CNNVD

- 其它链接及资源

http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
(UNKNOWN)  APPLE  APPLE-SA-2005-05-03
http://marc.info/?l=bugtraq&m=110028877431192&w=2
(UNKNOWN)  BUGTRAQ  20041112 Sudo version 1.6.8p2 now available (fwd)
http://marc.info/?l=bugtraq&m=110073149111410&w=2
(UNKNOWN)  UBUNTU  USN-28-1
http://marc.info/?l=bugtraq&m=110598298225675&w=2
(UNKNOWN)  OPENPKG  OpenPKG-SA-2005.002
http://www.debian.org/security/2004/dsa-596
(UNKNOWN)  DEBIAN  DSA-596
http://www.mandriva.com/security/advisories?name=MDKSA-2004:133
(UNKNOWN)  MANDRAKE  MDKSA-2004:133
http://www.securityfocus.com/bid/11668
(VENDOR_ADVISORY)  BID  11668
http://www.sudo.ws/sudo/alerts/bash_functions.html
(UNKNOWN)  CONFIRM  http://www.sudo.ws/sudo/alerts/bash_functions.html
http://www.trustix.org/errata/2004/0061/
(UNKNOWN)  TRUSTIX  2004-0061
http://xforce.iss.net/xforce/xfdb/18055
(VENDOR_ADVISORY)  XF  sudo-bash-command-execution(18055)

- 漏洞信息

GratiSoft Sudo 受限命令执行绕过漏洞
高危 设计错误
2005-03-01 00:00:00 2005-10-20 00:00:00
本地  
        本地用户可以借助sudo 1.6.8p2之前版本,利用"()"样式环境变量创建与BASH脚本中任何程序同名的函数(即未使用程序的完整路径名),来执行任意命令。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Todd Miller Sudo 1.5.6
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.5.7
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.5.8
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.5.9
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.1
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.2
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p1
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p5
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p4
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p7
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p6
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p2
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.3 p3
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.4 p2
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.4 p1
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.4
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Mandrake sudo-1.6.4-3.2.M82mdk.i586.rpm Mandrake Multi Network Firewall 8.2
        http://www.mandrakesecure.net/en/ftp.php
        Todd Miller Sudo 1.6.5 p2
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        RedHat sudo-1.6.5p2-2.2.legacy.i386.rpm RedHat Linux 7.3
        http://download.fedoralegacy.org/redhat/7.3/updates/i386/sudo-1.6.5p2-
        2.2.legacy.i386.rpm
        Todd Miller Sudo 1.6.5 p1
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.5
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Todd Miller Sudo 1.6.6
        Debian sudo_1.6.6-1.2_alpha.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_alpha.deb
        Debian sudo_1.6.6-1.2_arm.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_armeb
        Debian sudo_1.6.6-1.2_hppa.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_hppa.deb
        Debian sudo_1.6.6-1.2_i386.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_i386.deb
        Debian sudo_1.6.6-1.2_ia64.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_ia64.deb
        Debian sudo_1.6.6-1.2_m68k.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_m68k.deb
        Debian sudo_1.6.6-1.2_mips.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_mips.deb
        Debian sudo_1.6.6-1.2_mipsel.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_mipsel.deb
        Debian sudo_1.6.6-1.2_powerpc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_powerpc.deb
        Debian sudo_1.6.6-1.2_s390.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_s390.deb
        Debian sudo_1.6.6-1.2_sparc.deb
        Debian GNU/Linux 3.0 alias woody
        http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.6-1.2_sparc.deb
        GratiSoft Sudo 1.6.8p2
        http://www.courtesan.com/sudo/download.html
        Mandrake sudo-1.6.6-2.1.C21mdk.i586.rpm
        Mandrake Corporate Se

- 漏洞信息

11716
sudo Bash Script Subversion Arbitrary Command Execution
Local Access Required Input Manipulation
Loss of Integrity
Exploit Public, Exploit Commercial

- 漏洞描述

sudo contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when sudo fails to sanitize environment variables, and a specially crafted Bash environment variable is used to execute arbitrary commands. This flaw may lead to a loss of integrity.

- 时间线

2004-11-12 Unknow
2004-11-12 Unknow

- 解决方案

Upgrade to version 1.6.8p2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

GratiSoft Sudo Restricted Command Execution Bypass Vulnerability
Design Error 11668
No Yes
2004-11-12 12:00:00 2009-07-12 08:06:00
Discovery of this issue is credited to Liam Helmer.

- 受影响的程序版本

Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Home
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Linux 2.0
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
Todd Miller Sudo 1.6.8 p1
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ OpenPKG OpenPKG 2.2
+ OpenPKG OpenPKG Current
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5 p2
+ NetBSD NetBSD 1.5.2
+ OpenBSD OpenBSD 3.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Todd Miller Sudo 1.6.5 p1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.4 p2
Todd Miller Sudo 1.6.4 p1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
+ Conectiva Linux ecommerce
Todd Miller Sudo 1.6.4
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
- RedHat Linux 6.2 sparc
- RedHat Linux 6.2 i386
- RedHat Linux 6.2 alpha
Todd Miller Sudo 1.6.3 p7
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Slackware Linux 8.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Todd Miller Sudo 1.6.3 p6
+ Guardian Digital Engarde Secure Linux 1.0.1
+ Guardian Digital Engarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 alpha
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 7.0
Todd Miller Sudo 1.6.3 p5
Todd Miller Sudo 1.6.3 p4
+ Slackware Linux 7.1
Todd Miller Sudo 1.6.3 p3
Todd Miller Sudo 1.6.3 p2
Todd Miller Sudo 1.6.3 p1
Todd Miller Sudo 1.6.3
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
Todd Miller Sudo 1.6.2
- Debian Linux 2.2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.5.9
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.6
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core1
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
GratiSoft Sudo 1.6.8 p2

- 不受影响的程序版本

GratiSoft Sudo 1.6.8 p2

- 漏洞讨论

A restricted command execution bypass vulnerability affects GratiSoft's Sudo application. This issue is due to a design error that causes the application to fail to properly sanitize user-supplied environment variables.

An attacker with sudo privileges may leverage this issue to execute commands that are explicitly disallowed. This may facilitate privileges escalation and certainly leads to a false sense of security.

- 漏洞利用

No exploit is required to leverage this issue.

- 解决方案

The vendor has released patch level 2 dealing with this issue for Sudo version 1.6.8.

Debian has released an advisory (DSA 596-1) and fixes to address this vulnerability in Debian platforms. Customers are advised to peruse the referenced advisory for further information pertaining to obtaining and applying appropriate fixes

Ubuntu has released an advisory (USN-28-1) and fixes to address this vulnerability in Ubuntu products. Customers are advised to peruse the referenced advisory for further information pertaining to obtaining and applying appropriate fixes.

Mandrake Linux has released an advisory (MDKSA-2004:133) along with fixes dealing with this issue. Please see the referenced advisory for more information.

Trustix Linux has released an advisory (TSLSA-2004-0061) along with updated fixes dealing with this and other issues. Please see the referenced advisory for more information.

OpenPKG has made an advisory (OpenPKG-SA-2005.002) available dealing with this issue. Please see the referenced advisory for more information.

Turbolinux has released advisory Turbolinux Security Announcement 31/Jan/2005 to address various issues. Please see the referenced advisory for more information.

The Fedora Legacy project has released advisory FLSA:152856 to address this issue in RedHat Linux 7.3, 9, and Fedora Core 1. Please see the referenced advisory for further information.


Todd Miller Sudo 1.5.6

Todd Miller Sudo 1.5.7

Todd Miller Sudo 1.5.8

Todd Miller Sudo 1.5.9

Todd Miller Sudo 1.6

Todd Miller Sudo 1.6.1

Todd Miller Sudo 1.6.2

Todd Miller Sudo 1.6.3

Todd Miller Sudo 1.6.3 p1

Todd Miller Sudo 1.6.3 p5

Todd Miller Sudo 1.6.3 p4

Todd Miller Sudo 1.6.3 p7

Todd Miller Sudo 1.6.3 p6

Todd Miller Sudo 1.6.3 p2

Todd Miller Sudo 1.6.3 p3

Todd Miller Sudo 1.6.4 p2

Todd Miller Sudo 1.6.4 p1

Todd Miller Sudo 1.6.4

Todd Miller Sudo 1.6.5 p2

Todd Miller Sudo 1.6.5 p1

Todd Miller Sudo 1.6.5

Todd Miller Sudo 1.6.6

Todd Miller Sudo 1.6.7

Todd Miller Sudo 1.6.8

Todd Miller Sudo 1.6.8 p1

Ubuntu Ubuntu Linux 4.1 ia32

Ubuntu Ubuntu Linux 4.1 ia64

Ubuntu Ubuntu Linux 4.1 ppc

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站