Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE request: potential bypass of sudo tty_tickets constraints
From: "Todd C. Miller" <Todd.Miller () courtesan com>
Date: Thu, 28 Feb 2013 05:24:51 -0500

Sudo versions affected:
    Sudo 1.3.5 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p7 when
    the "tty_tickets" option is enabled.  This option is enabled
    by default in sudo 1.7.4 and above.

The affected versions are actually: 

  Sudo 1.3.5 through 1.7.10p5 and sudo 1.8.0 through 1.8.6p6 inclusive.

 - todd

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]