oss-sec mailing list archives
Re: CVE request: potential bypass of sudo tty_tickets constraints
From: "Todd C. Miller" <Todd.Miller () courtesan com>
Date: Thu, 28 Feb 2013 05:24:51 -0500
Sudo versions affected: Sudo 1.3.5 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p7 when the "tty_tickets" option is enabled. This option is enabled by default in sudo 1.7.4 and above.
The affected versions are actually: Sudo 1.3.5 through 1.7.10p5 and sudo 1.8.0 through 1.8.6p6 inclusive. - todd
Current thread:
- CVE request: potential bypass of sudo tty_tickets constraints Todd C. Miller (Feb 27)
- Re: CVE request: potential bypass of sudo tty_tickets constraints Kurt Seifried (Feb 27)
- <Possible follow-ups>
- Re: CVE request: potential bypass of sudo tty_tickets constraints Todd C. Miller (Feb 28)