Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-1000368

Опубликовано: 05 июн. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 8.2

Описание

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

РелизСтатусПримечание
artful

released

1.8.20p2-1ubuntu1
bionic

released

1.8.20p2-1ubuntu1
cosmic

released

1.8.20p2-1ubuntu1
devel

released

1.8.20p2-1ubuntu1
disco

released

1.8.20p2-1ubuntu1
esm-infra-legacy/trusty

released

1.8.9p5-1ubuntu1.5+esm1
esm-infra/bionic

released

1.8.20p2-1ubuntu1
esm-infra/xenial

released

1.8.16-0ubuntu1.6
precise/esm

not-affected

code not present
trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 38%
0.00166
Низкий

7.2 High

CVSS2

8.2 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-1000368

CVSS3: 7.3
redhat
больше 8 лет назад

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

nvd логотип

CVE-2017-1000368

CVSS3: 8.2
nvd
больше 8 лет назад

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

debian логотип

CVE-2017-1000368

CVSS3: 8.2
debian
больше 8 лет назад

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an in ...

suse-cvrf логотип

openSUSE-SU-2017:1697-1

suse-cvrf
больше 8 лет назад

Security update for sudo

suse-cvrf логотип

SUSE-SU-2017:1778-1

suse-cvrf
больше 8 лет назад

Security update for sudo

EPSS

Процентиль: 38%
0.00166
Низкий

7.2 High

CVSS2

8.2 High

CVSS3