CVE-2004-1051 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-1051 Interim 1 3 2021-06-09T08:32:07Z current 2021-05-30T12:30:59Z 2021-06-09T08:32:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. CVE-2004-1051 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C