Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:todd_miller:sudo:1.7.10p6:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-0106 |
Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restriction, which allows local users with sudo permissions to bypass intended command restrictions via a crafted environment variable. Published: March 11, 2014; 3:37:03 PM -0400 |
V3.x:(not available) V2.0: 6.6 MEDIUM |
CVE-2013-1775 |
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. Published: March 05, 2013; 4:38:56 PM -0500 |
V3.x:(not available) V2.0: 6.9 MEDIUM |