CVE-2005-4158 (retired)

Priority
Description
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the
(1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which
allows limited local users to cause a Perl script to include and execute
arbitrary library files that have the same name as library files that are
included by the script.
Package
Source: sudo (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:36:10 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)