CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sudo_project:sudo:1.8.20:p1:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*

Information

Published : 2017-06-05 09:29

Updated : 2019-05-29 12:29


NVD link : CVE-2017-1000368

Mitre link : CVE-2017-1000368


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

sudo_project

  • sudo