Описание
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party Advisory
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.20 (включая)
cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20739
Средний
6.4 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 6.4
ubuntu
больше 8 лет назад
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS3: 7.8
redhat
больше 8 лет назад
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS3: 6.4
debian
больше 8 лет назад
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an inpu ...
EPSS
Процентиль: 95%
0.20739
Средний
6.4 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-362