CVE-2010-1646

Name: CVE-2010-1646
Description: The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
References: DSA-2062-1
NVD severity: medium (attack range: local)
Debian Bugs: 585394

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| sudo (PTS) | wheezy (security), wheezy | 1.8.5p2-1+nmu3+deb7u1 | fixed |
| sudo (PTS) | jessie (security), jessie | 1.8.10p3-1+deb8u3 | fixed |
| sudo (PTS) | stretch, sid | 1.8.17p1-2 | fixed |

The information below is based on the following data on fixed versions.

| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| sudo | source | (unstable) | 1.7.2p7-1 | medium | | 585394 |
| sudo | source | lenny | 1.6.9p17-3 | medium | DSA-2062-1 | |
