Known Vulnerabilities for products from Todd Miller
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Todd Miller".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2016-7032 | sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an a... | 7 - HIGH | 2017-04-14 | 2020-09-30 |
| CVE-2014-0106 | Sudo 1.6.9 before 1.8.5, when env_reset is disabled, does not properly check environment variables for the env_delete restric... | 6.6 - MEDIUM | 2014-03-11 | 2017-12-16 |
| CVE-2013-2777 | sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the control... | 4.4 - MEDIUM | 2013-04-08 | 2017-08-29 |
| CVE-2013-2776 | sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ... | 4.4 - MEDIUM | 2013-04-08 | 2017-08-29 |
| CVE-2013-1776 | sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the con... | 4.4 - MEDIUM | 2013-04-08 | 2017-08-29 |
| CVE-2013-1775 | sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass int... | 6.9 - MEDIUM | 2013-03-05 | 2016-11-28 |
| CVE-2012-3440 | A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files ... | 5.6 - MEDIUM | 2012-08-08 | 2023-02-13 |
| CVE-2012-2337 | sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask sy... | 7.2 - HIGH | 2012-05-18 | 2018-01-05 |
| CVE-2012-0809 | Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary ... | 7.2 - HIGH | 2012-02-01 | 2018-01-05 |
| CVE-2011-0010 | check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution tha... | 4.4 - MEDIUM | 2011-01-18 | 2018-01-05 |
| CVE-2011-0008 | A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka... | 6.9 - MEDIUM | 2011-01-20 | 2023-11-07 |
| CVE-2010-2956 | Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction wi... | 6.2 - MEDIUM | 2010-09-10 | 2018-10-10 |
| CVE-2010-1646 | The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environ... | 6.2 - MEDIUM | 2010-06-07 | 2018-10-10 |
| CVE-2010-1163 | The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working ... | 6.9 - MEDIUM | 2010-04-16 | 2018-10-10 |
| CVE-2010-0427 | sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows loca... | 4.4 - MEDIUM | 2010-02-25 | 2018-10-10 |
| CVE-2010-0426 | sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of th... | 6.9 - MEDIUM | 2010-02-24 | 2018-10-10 |
| CVE-2009-0034 | parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during ... | 7.8 - HIGH | 2009-01-30 | 2024-01-12 |
| CVE-2007-4305 | Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local ... | 6.2 - MEDIUM | 2007-08-13 | 2008-09-05 |
| CVE-2007-3149 | sudo, when linked with MIT Kerberos 5 (krb5), does not properly check whether a user can currently authenticate to Kerberos, ... | 7.2 - HIGH | 2007-06-11 | 2020-01-21 |
| CVE-2006-0151 | sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain... | 7.2 - HIGH | 2006-01-09 | 2018-10-03 |
Known software with vulnerabilities from Todd Miller
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Todd Miller | Sudo | 1.6 |