Описание
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.8.20 (включая)
Одно из
cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:1.8.20:p1:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00166
Низкий
8.2 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.2
ubuntu
больше 8 лет назад
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS3: 7.3
redhat
больше 8 лет назад
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS3: 8.2
debian
больше 8 лет назад
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an in ...
EPSS
Процентиль: 38%
0.00166
Низкий
8.2 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-20