CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
cpe:2.3:a:sudo_project:sudo:1.8.20:p1:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-05 16:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-1000368

Mitre link : CVE-2017-1000368

CVE.ORG link : CVE-2017-1000368


JSON object : View

Products Affected

sudo_project

  • sudo
CWE
CWE-20

Improper Input Validation