First published: Mon Jun 05 2017(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sudo Project Sudo | <=1.8.20 | |
Sudo Project Sudo | =1.8.20-p1 | |
redhat/sudo | <1.8.20 | 1.8.20 |
debian/sudo | 1.9.5p2-3+deb11u1 1.9.13p3-1+deb12u1 1.9.16p1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2017-1000368.
The title of this vulnerability is 'Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.'
The severity of CVE-2017-1000368 is high with a CVSS score of 8.2.
Sudo version 1.8.20p1 and earlier are affected by this vulnerability.
To fix CVE-2017-1000368, update to sudo version 1.8.20 or higher.