Vulnerabilities > Sudo Project > Sudo > 1.3.0

DATE CVE VULNERABILITY TITLE RISK
2017-06-05 CVE-2017-1000367 Race Condition vulnerability in Sudo Project Sudo
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
local
high complexity
sudo-project CWE-362
6.4
2002-05-16 CVE-2002-0184 Incorrect Calculation of Buffer Size vulnerability in multiple products
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
local
low complexity
sudo-project debian CWE-131
7.8