CVE-2005-4158 Information

Description

Sudo before 1.6.8 p12 when the Perl taint flag is off does not clear the (1) PERLLIB (2) PERL5LIB and (3) PERL5OPT environment variables which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.

Reference

http://secunia.com/advisories/17534/ http://secunia.com/advisories/18102 http://secunia.com/advisories/18156 http://secunia.com/advisories/18308 http://secunia.com/advisories/18463 http://secunia.com/advisories/18549 http://secunia.com/advisories/18558 http://secunia.com/advisories/21692 http://securitytracker.com/alerts/2005/Nov/1015192.html http://www.debian.org/security/2006/dsa-946 http://www.mandriva.com/security/advisories?name=MDKSA-2005:234 http://www.mandriva.com/security/advisories?name=MDKSA-2006:159 http://www.novell.com/linux/security/advisories/2006_02_sr.html http://www.securityfocus.com/bid/15394 http://www.sudo.ws/sudo/alerts/perl_env.html http://www.trustix.org/errata/2006/0002/ http://www.vupen.com/english/advisories/2005/2386 https://exchange.xforce.ibmcloud.com/vulnerabilities/23102 https://www.ubuntu.com/usn/usn-235-1/