CVE-2002-0184 - Unspecified vulnerability in Todd Miller Sudo

Summary

Heap-based buffer overflow in sudo before 1.6.6 may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.

Risk level (CVSS 7.2)

High

7.2

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None