Sudo Project: >> Sudo >> 1.7.3 Security Vulnerabilities
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.
CVSS Score
6.4
EPSS Score
0.001
Published
2018-05-29
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS Score
8.2
EPSS Score
0.002
Published
2017-06-05
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
CVSS Score
6.4
EPSS Score
0.165
Published
2017-06-05
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
CVSS Score
7.2
EPSS Score
0.061
Published
2015-11-17
Page 2