CVE-2004-1689 — LOW severity vulnerability (sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file)
sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.
| CVE ID | CVE-2004-1689 |
|---|---|
| Severity | LOW |
| CVSS score | 2.1 |
| CVSS vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2004-09-16 |
| Last modified | 2026-04-16 |
| Description | sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →