Ubuntu
sudo package

Security vulnerability in sudo 1.8.3p1

Bug #925100 reported by quantenemitter
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

According to an alert from the sudo-website, sudo 1.8.0-1.8.3p1 has a sercurity vulnerability, which could be fixed via upgrading to 1.8.3p2.

Also see:
http://www.sudo.ws/sudo/alerts/sudo_debug.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-01/att-0591/advisory_sudo.txt
http://www.phrack.org/issues.html?issue=67&id=9
http://www.heise.de/newsticker/meldung/sudo-Schwachstelle-macht-User-zu-Admins-1425053.html (german)

CVE References

quantenemitter (quantenemitter)
summary: - Assumed security vulnerability in sudo 1.8.3p1
+ Security vulnerability in sudo 1.8.3p1
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

This has already been fixed in Ubuntu.

visibility: private → public
visibility: private → public
Changed in sudo (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.