CVE-2002-0043

N/A Unknown

Published: January 31, 2002 Modified: April 16, 2026

Description

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A06.asc

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000451

Source: cve@mitre.org

http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:003

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=101120193627756&w=2

Source: cve@mitre.org

http://www.debian.org/security/2002/dsa-101

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2002_002_sudo_txt.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-011.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2002-013.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/advisories/3800

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/250168

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/3871

Source: cve@mitre.org

http://www.sudo.ws/sudo/alerts/postfix.html

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7891

Source: cve@mitre.org

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A06.asc