Test ID:	1.3.6.1.4.1.25623.1.0.52696
Category:	Fedora Local Security Checks
Title:	Fedora Legacy Security Advisory FLSA-2005:152856
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory FLSA-2005:152856. A flaw in exists in sudo's environment sanitizing prior to sudo version 1.6.8p2 that could allow a malicious user with permission to run a shell script that utilized the bash shell to run arbitrary commands. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1051 to this issue. Users of sudo are advised to upgrade to these errata packages, which contain a patch correcting this issue. Affected platforms: Redhat 7.3 Redhat 9 Fedora Core 1 Solution: https://secure1.securityspace.com/smysecure/catid.html?in=FLSA-2005:152856 Risk factor : High CVSS Score: 7.2
Cross-Ref:	BugTraq ID: 11668 Common Vulnerability Exposure (CVE) ID: CVE-2004-1051 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.securityfocus.com/bid/11668 Bugtraq: 20041112 Sudo version 1.6.8p2 now available (fwd) (Google Search) http://marc.info/?l=bugtraq&m=110028877431192&w=2 Debian Security Information: DSA-596 (Google Search) http://www.debian.org/security/2004/dsa-596 http://www.mandriva.com/security/advisories?name=MDKSA-2004:133 http://marc.info/?l=bugtraq&m=110598298225675&w=2 http://www.trustix.org/errata/2004/0061/ https://www.ubuntu.com/usn/usn-28-1/ XForce ISS Database: sudo-bash-command-execution(18055) https://exchange.xforce.ibmcloud.com/vulnerabilities/18055
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.