-
January 26, 2021
A potential security
issue exists in sudo that could be used by a local user to
gain root privileges even when not listed in the sudoers file.
Affected sudo versions are 1.8.2 through 1.8.31p2 and 1.9.0
through 1.9.5p1. Sudo 1.9.5p2 and above are not affected.
-
January 11, 2021
A potential security issue
exists in sudoedit when sudo is built with SELinux support.
A user with sudoedit privileges may be able to set the owner of
an arbitrary file to that of the target user (e.g. root).
Affected sudo versions are 1.8.11 through 1.9.4p2.
Sudo 1.9.5 and above are not affected.
-
January 30, 2020 (updated February 5, 2020)
A potential security issue
exists in sudo when the pwfeedback option is enabled in sudoers
that can lead to a buffer overflow.
Affected sudo versions are 1.7.1 through 1.8.30 inclusive but
only when pwfeedback is explicitly enabled.
Sudo 1.8.31 and above are not affected.
-
October 14, 2019
A potential security issue
exists where a sudo user may be able to run a command as root
when the Runas specification explicitly disallows root access
as long as the ALL keyword is listed first.
Affected sudo versions are 1.4.2 through 1.8.27 inclusive.
Sudo 1.8.28 and above are not affected.
-
May 30, 2017
A potential security issue
exists that may allow a user to overwrite an arbitrary file.
This issue is only present on Linux systems.
Affected sudo versions are 1.8.6p7 through 1.8.20 inclusive.
Sudo 1.8.20p1 and above are not affected.
-
October 26, 2016
A potential security issue
exists that may allow a user to run additional commands even when
the NOEXEC tag has been applied to a command that uses
the wordexp() function.
Affected sudo versions are 1.6.8 through 1.8.18 inclusive.
Sudo 1.8.18p1 and above are not affected.
-
October 26, 2016
A potential security issue
exists that may allow a user to run additional commands even when
the NOEXEC tag has been applied to a command that uses
the system() or popen() function.
Affected sudo versions are 1.6.8 through 1.8.14p3 inclusive.
Sudo 1.8.15 and above are not affected.
-
February 9, 2015
A potential security issue
exists that may allow a user to access arbitrary files by
setting the TZ environment variable to a fully-qualified path
name.
Affected sudo versions are 1.0.0 through 1.7.10p9 and 1.8.0 through 1.8.11p2.
Sudo 1.8.12 and above are not affected.
-
March 5, 2014
A potential security issue
exists that may allow a user to add arbitrary variables to the
environment when the env_reset option is disabled in sudoers.
Affected sudo versions are 1.6.9 through 1.8.4p5. Sudo 1.8.5 and
above are not affected.
-
February 27, 2013
A potential security issue
exists that may allow a user to bypass authentication if they
are able to reset the system clock.
Affected sudo versions are 1.6.0 through 1.7.10p7 and sudo 1.8.0
through 1.8.6p7.
-
February 27, 2013
A potential security issue
exists that may allow a user to bypass the tty_tickets
constraints. Affected sudo versions are 1.3.5 through 1.7.10p6
and sudo 1.8.0 through 1.8.6p7 when the "tty_tickets" option
is enabled.
-
May 16, 2012
A potential security issue
exists in the matching of hosts against an IPv4 network specified
in sudoers.
Affected sudo versions are 1.6.9p3 through 1.8.4p4. The flaw
may allow a user who is authorized to run commands on hosts
belonging to one IPv4 network to run commands on a different host.
-
January 30, 2012
A format string vulnerability
has been found when the -D (debugging) flag is used.
Affected sudo versions are 1.8.0 through 1.8.3p1.
The flaw may allow a user to run commands as root without being
prompted for a password.
-
January 12, 2011
A potential security
issue exists in the handling of sudo's -g command
line option when -u is not specified. Affected sudo
versions are 1.7.0 through 1.7.4p4. The flaw may allow a user
to run commands as a group without being prompted for a password.
-
September 7, 2010
A potential security
issue exists in the handling of sudo's -g command
line option when -u is also specified. Affected sudo
versions are 1.7.0 through 1.7.4p3. The flaw may allow an
attacker to run commands as a user that is not authorized by
the sudoers file.
-
June 2, 2010
A potential security
issue exists in sudo's secure path functionality
in sudo versions 1.3.1 through 1.6.9p22 and versions 1.7.0
through 1.7.2p6. The flaw may allow an attacker to bypass the
secure path PATH restrictions and set
PATH to a user-controlled value.
-
April 9, 2010
An additional security
issue exists in sudo's -e option (aka sudoedit) in sudo
versions 1.6.8 through 1.7.2p5 that may give a user with
permission to run sudoedit the ability to run arbitrary commands.
-
February 22, 2010
A security issue
exists in sudo's -e option (aka sudoedit) in sudo versions
1.6.9 through 1.7.2p3 that may give a user with permission to run
sudoedit the ability to run arbitrary commands.
-
December 6, 2009
A security issue
with sudoers rules that include Cmnd_Alias entries that use the
negation operator has been fixed.
-
January 29, 2009
A security issue
with sudoers rules that include a group in the RunAs portion
of the rule has been discovered.
-
July 17, 2007
A security issue
has been discovered with the Kerberos 5 authentication that
allows a malicious user to avoid authenticating with sudo.
-
November 8, 2005
A security issue
has been discovered that allows a malicious user with permission
to run a perl shell script to execute arbitrary perl code.
-
October 27, 2005
A security issue
has been discovered that allows a malicious user with permission
to run a bash shell script to execute arbitrary commands.
-
June 20, 2005
A race condition
has been discovered that could allow a malicious user with
sudo privileges to execute arbitrary commands.
-
November 11, 2004
A security issue
has been discovered that allows a malicious user with permission
to run a bash shell script to execute arbitrary commands.
-
September 15, 2004
A bug in sudoedit
has been discovered that allows a malicious user to read files
that would otherwise be unreadable.
-
April 25, 2002
A buffer overflow bug
has been discovered in sudo's prompt expansion code.
-
January 14, 2002
A security issue that could
allow an attacker to gain root privileges via sudo if the
Postfix mailer is installed has been discovered.
-
February 22, 2001
A heap corruption bug
has been discovered in sudo's logging functions.