Format string vulnerability in the sudo_debug function in Sudo 1.8.0 up to and including 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
todd miller sudo 1.8.0 |
||
todd miller sudo 1.8.2 |
||
todd miller sudo 1.8.1p2 |
||
todd miller sudo 1.8.3p1 |
||
todd miller sudo 1.8.3 |
||
todd miller sudo 1.8.1p1 |
||
todd miller sudo 1.8.1 |