Description
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
Vulnerable configurations
EPSS
CVSS3: 7.8 High
CVSS2: 7.2 High
Defects
Related vulnerabilities
A vulnerability in the Red Hat Linux operating system that allows an attacker to compromise the confidentiality, integrity and availability of protected information