{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-16T00:00:00", "descriptions": [{"lang": "en", "value": "sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201504-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201504-02"}, {"name": "1033158", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033158"}, {"name": "[oss-security] 20141016 Abusing TZ for fun (and little profit)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2014/10/15/24"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.sudo.ws/alerts/tz.html"}, {"name": "RHSA-2015:1409", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1409.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9680", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201504-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201504-02"}, {"name": "1033158", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033158"}, {"name": "[oss-security] 20141016 Abusing TZ for fun (and little profit)", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2014/10/15/24"}, {"name": "http://www.sudo.ws/alerts/tz.html", "refsource": "CONFIRM", "url": "http://www.sudo.ws/alerts/tz.html"}, {"name": "RHSA-2015:1409", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1409.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:55:04.547Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201504-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201504-02"}, {"name": "1033158", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033158"}, {"name": "[oss-security] 20141016 Abusing TZ for fun (and little profit)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2014/10/15/24"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.sudo.ws/alerts/tz.html"}, {"name": "RHSA-2015:1409", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1409.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9680", "datePublished": "2017-04-24T06:12:00", "dateReserved": "2015-02-12T00:00:00", "dateUpdated": "2024-08-06T13:55:04.547Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sudo_project:sudo:*:p2:*:*:*:*:*:*", "matchCriteriaId": "29562C09-01B1-46F4-871F-B2C817DB256D", "versionEndIncluding": "1.8.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives."}, {"lang": "es", "value": "sudo en versiones anteriores a 1.8.12 no garantiza que la variable de entorno TZ est\u00e9 asociada con un archivo zoneinfo, lo que permite a usuarios locales abrir archivos arbitrarios para acceso de lectura (pero no ver el contenido del archivo) ejecutando un programa dentro de una sesi\u00f3n sudo, como lo demuestra interfiriendo con la salida del terminal, descartando los mensajes del kernel-log o reposicionando las unidades de cinta."}], "id": "CVE-2014-9680", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-24T06:59:00.353", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2014/10/15/24"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1409.html"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033158"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.sudo.ws/alerts/tz.html"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201504-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://openwall.com/lists/oss-security/2014/10/15/24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-1409.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033158"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.sudo.ws/alerts/tz.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201504-02"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1409", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "sudo-0:1.8.6p3-19.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-20T00:00:00Z"}, {"advisory": "RHBA-2015:2424", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "sudo-0:1.8.6p7-16.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-11-19T00:00:00Z"}], "bugzilla": {"description": "sudo: unsafe handling of TZ environment variable", "id": "1191144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191144"}, "csaw": false, "cvss": {"cvss_base_score": "3.0", "cvss_scoring_vector": "AV:L/AC:M/Au:S/C:N/I:P/A:P", "status": "verified"}, "cwe": "CWE-20", "details": ["sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives.", "It was discovered that sudo did not perform any checks of the TZ environment variable value. If sudo was configured to preserve the TZ environment variable, a local user with privileges to execute commands via sudo could possibly use this flaw to achieve system state changes not permitted by the configured commands.\nNote: The default sudoers configuration in Red Hat Enterprise Linux removes the TZ variable from the environment in which commands run by sudo are executed."], "name": "CVE-2014-9680", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "sudo", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2014-10-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-9680\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-9680\nhttp://www.sudo.ws/alerts/tz.html"], "statement": "This issue did not affect the default sudo configuration in Red Hat Enterprise Linux 5, 6, and 7.", "threat_severity": "Moderate"}