Search for vulnerabilities
Vulnerability details: VCID-87z3-ewhy-aaad
Vulnerability ID VCID-87z3-ewhy-aaad
Aliases CVE-2005-1993
Summary Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2005:535
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2005-1993
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1617680
cvssv2 3.7 https://nvd.nist.gov/vuln/detail/CVE-2005-1993
Reference id Reference type URL
http://docs.info.apple.com/article.html?artnum=302847
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1993.json
https://api.first.org/data/v1/epss?cve=CVE-2005-1993
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993
http://secunia.com/advisories/15744
http://secunia.com/advisories/17813
https://exchange.xforce.ibmcloud.com/vulnerabilities/21080
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1242
http://www.debian.org/security/2005/dsa-735
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
http://www.osvdb.org/17396
http://www.redhat.com/support/errata/RHSA-2005-535.html
http://www.securityfocus.com/archive/1/402741
http://www.securityfocus.com/archive/1/425974/100/0/threaded
http://www.securityfocus.com/bid/13993
http://www.securityfocus.com/bid/15647
http://www.sudo.ws/sudo/alerts/path_race.html
http://www.vupen.com/english/advisories/2005/0821
http://www.vupen.com/english/advisories/2005/2659
1617680 https://bugzilla.redhat.com/show_bug.cgi?id=1617680
315115 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315115
cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*
cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*
CVE-2005-1993 https://nvd.nist.gov/vuln/detail/CVE-2005-1993
RHSA-2005:535 https://access.redhat.com/errata/RHSA-2005:535
USN-142-1 https://usn.ubuntu.com/142-1/
No exploits are available.
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-1993
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.28173
EPSS Score 0.00063
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.