Back to search
CVE-2017-1000367
Published: Jun 5, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-3304-1
vendor-advisory
GLSA-201705-15
vendor-advisory
98745
vdb-entry
FEDORA-2017-54580efa82
vendor-advisory
RHSA-2017:1382
vendor-advisory
SUSE-SU-2017:1446
vendor-advisory
SUSE-SU-2017:1450
vendor-advisory
DSA-3867
vendor-advisory
openSUSE-SU-2017:1455
vendor-advisory
42183
exploit
RHSA-2017:1381
vendor-advisory
1038582
vdb-entry
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now