Computer Security

CVE: CVE-2010-1163
Status: Candidate
Description: The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.
Severity: Medium
CVSS score: 6.9
CVSS vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Phase: Assigned (17.02.2011)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1163
References:
 BID : 39468
 BUGTRAQ : 20100419 sudoedit local privilege escalation through PATH manipulation
 BUGTRAQ : 20100420 Re: sudoedit local privilege escalation through PATH manipulation
 BUGTRAQ : 20100422 Re: sudoedit local privilege escalation through PATH manipulation
 CONFIRM : http://www.sudo.ws/sudo/alerts/sudoedit_escalate2....
 FEDORA : FEDORA-2010-6756
 MANDRIVA : MDVSA-2010:078
 OSVDB : 63878
 OVAL : oval:org.mitre.oval:def:9382
 REDHAT : RHSA-2010:0361
 SECUNIA : 39384
 SECUNIA : 39399
 SECUNIA : 39474
 SECUNIA : 39543
 SLACKWARE : SSA:2010-110-01
 UBUNTU : USN-928-1
 VUPEN : ADV-2010-0881
 VUPEN : ADV-2010-0895
 VUPEN : ADV-2010-0904
 VUPEN : ADV-2010-0949
 VUPEN : ADV-2010-0956
 VUPEN : ADV-2010-1019
 XF : sudo-sudoefit-privilege-escalation(57836)
SecurityVulns: sudo protection bypass

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


