CVE-2014-0106

macOS X < 10.10.4 - Authenticated Command Restriction Bypass via Environment Variable

Title source: llm
STIX 2.1

Description

Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable.

References (9)

Core 9
Core References
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0266.html
Patch, Vendor Advisory x_refsource_confirm
http://www.sudo.ws/sudo/alerts/env_add.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2146-1
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT205031
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/03/06/2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/65997

Scores

EPSS 0.0034
EPSS Percentile 25.8%

Details

CWE
CWE-20
Status published
Products (50)
apple/mac_os_x < 10.10.4
todd_miller/sudo 1.6.9
todd_miller/sudo 1.6.9p20
todd_miller/sudo 1.6.9p21
todd_miller/sudo 1.6.9p22
todd_miller/sudo 1.6.9p23
todd_miller/sudo 1.7.0
todd_miller/sudo 1.7.1
todd_miller/sudo 1.7.2
todd_miller/sudo 1.7.2p1
... and 40 more
Published Mar 11, 2014
Tracked Since Feb 18, 2026