Total vulnerabilities in the database
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory.
| Software | From | Fixed in |
|---|---|---|
| todd_miller / sudo | 1.6.9_p18 | 1.6.9_p18.x |
| todd_miller / sudo | 1.6.3_p6 | 1.6.3_p6.x |
| todd_miller / sudo | 1.6.8_p7 | 1.6.8_p7.x |
| todd_miller / sudo | 1.7.0 | 1.7.0.x |
| todd_miller / sudo | 1.6.3 | 1.6.3.x |
| todd_miller / sudo | 1.6.4_p2 | 1.6.4_p2.x |
| todd_miller / sudo | 1.6.1 | 1.6.1.x |
| todd_miller / sudo | 1.6.8_p12 | 1.6.8_p12.x |
| todd_miller / sudo | 1.6.3_p5 | 1.6.3_p5.x |
| todd_miller / sudo | 1.7.1 | 1.7.1.x |
| todd_miller / sudo | 1.7.2p2 | 1.7.2p2.x |
| todd_miller / sudo | 1.7.2 | 1.7.2.x |
| todd_miller / sudo | 1.6.2 | 1.6.2.x |
| todd_miller / sudo | 1.6.4_p1 | 1.6.4_p1.x |
| todd_miller / sudo | 1.6.3_p2 | 1.6.3_p2.x |
| todd_miller / sudo | 1.6.3_p4 | 1.6.3_p4.x |
| todd_miller / sudo | 1.6.8_p9 | 1.6.8_p9.x |
| todd_miller / sudo | 1.6.5_p2 | 1.6.5_p2.x |
| todd_miller / sudo | 1.6.3_p3 | 1.6.3_p3.x |
| todd_miller / sudo | 1.7.2p1 | 1.7.2p1.x |
| todd_miller / sudo | 1.7.2p3 | 1.7.2p3.x |
| todd_miller / sudo | 1.6.8_p1 | 1.6.8_p1.x |
| todd_miller / sudo | 1.6.5_p1 | 1.6.5_p1.x |
| todd_miller / sudo | 1.6.9_p19 | 1.6.9_p19.x |
| todd_miller / sudo | 1.6.9_p17 | 1.6.9_p17.x |
| todd_miller / sudo | 1.6.3_p7 | 1.6.3_p7.x |
| todd_miller / sudo | 1.6 | 1.6.x |
| todd_miller / sudo | 1.6.8_p5 | 1.6.8_p5.x |
| todd_miller / sudo | 1.6.8_p8 | 1.6.8_p8.x |
| todd_miller / sudo | 1.6.3_p1 | 1.6.3_p1.x |
| todd_miller / sudo | 1.6.8_p2 | 1.6.8_p2.x |
| todd_miller / sudo | 1.6.7_p5 | 1.6.7_p5.x |