← CVECheck
HomeVulnerabilities

CVE-2004-1689 — LOW severity vulnerability (sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file)

sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.

CVE IDCVE-2004-1689
SeverityLOW
CVSS score2.1
CVSS vectorAV:L/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2004-09-16
Last modified2026-04-16
Descriptionsudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →