English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 134041 CVE descriptions
and 69903 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2005-4158
Description:Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.
Test IDs: 1.3.6.1.4.1.25623.1.0.56155   1.3.6.1.4.1.25623.1.0.56153   1.3.6.1.4.1.25623.1.0.56040   1.3.6.1.4.1.25623.1.0.56081  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2005-4158
Debian Security Information: DSA-946 (Google Search)
http://www.debian.org/security/2006/dsa-946
http://www.mandriva.com/security/advisories?name=MDKSA-2005:234
http://www.mandriva.com/security/advisories?name=MDKSA-2006:159
SuSE Security Announcement: SUSE-SR:2006:002 (Google Search)
http://www.novell.com/linux/security/advisories/2006_02_sr.html
http://www.trustix.org/errata/2006/0002/
https://www.ubuntu.com/usn/usn-235-1/
BugTraq ID: 15394
http://www.securityfocus.com/bid/15394
http://www.vupen.com/english/advisories/2005/2386
http://securitytracker.com/alerts/2005/Nov/1015192.html
http://secunia.com/advisories/17534/
http://secunia.com/advisories/18156
http://secunia.com/advisories/18308
http://secunia.com/advisories/18549
http://secunia.com/advisories/18102
http://secunia.com/advisories/18558
http://secunia.com/advisories/18463
http://secunia.com/advisories/21692
XForce ISS Database: sudo-perl-execute-code(23102)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23102

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2018 E-Soft Inc. All rights reserved.