Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sudo vulnerabilities and exploits
(subscribe to this query)
642
VMScore
CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and previous versions is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo 1.8.20
Sudo Project Sudo
2 Github repositories
NA
CVE-2022-43995
Sudo 1.8.0 up to and including 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password...
Sudo Project Sudo 1.9.12
Sudo Project Sudo
409
VMScore
CVE-2005-2959
Incomplete blacklist vulnerability in sudo 1.6.8 and previous versions allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3p4
Todd Miller Sudo 1.6.3p5
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3p6
Todd Miller Sudo 1.6.3p7
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.3p1
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.5p1
615
VMScore
CVE-2010-0426
sudo 1.6.x prior to 1.6.9p21 and 1.7.x prior to 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable fil...
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.8 P12
Todd Miller Sudo 1.6.8 P2
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.6.8 P8
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.7 P5
Todd Miller Sudo 1.6.8 P1
3 Github repositories
475
VMScore
CVE-2005-4158
Sudo prior to 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as librar...
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.7 P5
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.8 P9
3 EDB exploits
392
VMScore
CVE-2010-0427
sudo 1.6.x prior to 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command.
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.7 P5
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.9 P17
Todd Miller Sudo 1.6.9 P19
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.4 P2
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.8 P12
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.8 P9
Todd Miller Sudo 1.6.9 P18
Todd Miller Sudo 1.6.3 P6
614
VMScore
CVE-2010-1163
The command matching functionality in sudo 1.6.8 up to and including 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users ...
Todd Miller Sudo 1.6.8 P1
Todd Miller Sudo 1.6.8 P12
Todd Miller Sudo 1.6.9 P17
Todd Miller Sudo 1.6.9 P18
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8 P9
Todd Miller Sudo 1.6.8p7
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.6.8 P2
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.6.9 P19
Todd Miller Sudo 1.6.9 P20
Todd Miller Sudo 1.6.9 P21
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.6.8 P8
Todd Miller Sudo 1.6.9 P22
Todd Miller Sudo 1.7.2p1
641
VMScore
CVE-2012-2337
sudo 1.6.x and 1.7.x prior to 1.7.9p1, and 1.8.x prior to 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4...
Todd Miller Sudo 1.6.2p3
Todd Miller Sudo 1.6.3
Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.8p12
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.9p21
Todd Miller Sudo 1.6.9p22
Todd Miller Sudo 1.6.3 P7
Todd Miller Sudo 1.6.4
Todd Miller Sudo 1.6.4p2
Todd Miller Sudo 1.6.9
Todd Miller Sudo 1.6.9p20
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.2
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.7p5
Todd Miller Sudo 1.6.9p23
Todd Miller Sudo 1.6
641
VMScore
CVE-2006-0151
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.6
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6.3 P5
Todd Miller Sudo 1.6.3 P6
Todd Miller Sudo 1.6.6
Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.8 P7
Todd Miller Sudo 1.6.8 P8
Todd Miller Sudo 1.5.9
Todd Miller Sudo 1.6.3 P3
Todd Miller Sudo 1.6.3 P4
Todd Miller Sudo 1.6.5 P1
Todd Miller Sudo 1.6.5 P2
Todd Miller Sudo 1.6.8 P2
Todd Miller Sudo 1.6.8 P5
Todd Miller Sudo 1.5.6
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.6.3 P1
Todd Miller Sudo 1.6.3 P2
Todd Miller Sudo 1.6.4 P1
Todd Miller Sudo 1.6.4 P2
1 Github repository
392
VMScore
CVE-2011-0010
check.c in sudo 1.7.x prior to 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.2p5
Todd Miller Sudo 1.7.4p4
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.3b1
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.2p6
Todd Miller Sudo 1.7.4p3
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.7.1
Todd Miller Sudo 1.7.2p4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »