Vulnerabilities > Sudo Project > Sudo > 1.5.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-05 | CVE-2017-1000367 | Race Condition vulnerability in Sudo Project Sudo Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution. | 6.4 |
| 2015-11-17 | CVE-2015-5602 | Permissions, Privileges, and Access Controls vulnerability in Sudo Project Sudo sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt." | 7.2 |
| 2002-05-16 | CVE-2002-0184 | Incorrect Calculation of Buffer Size vulnerability in multiple products Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | 7.8 |