CVE-2017-1000367
Published: 30 May 2017
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Priority
CVSS 3 base score: 6.4
Notes
Author | Note |
---|---|
sbeattie | code to parse /proc/pid/stat and walk /dev is not present in precise |