oss-sec mailing list archives
Re: Arbitrary terminal access via sudo on Linux
From: "Todd C. Miller" <Todd.Miller () courtesan com>
Date: Fri, 02 Jun 2017 12:55:10 -0600
On Fri, 02 Jun 2017 12:51:55 -0600, Kurt Seifried wrote:
which says it is NOT exploitable, but you're saying that it is actually exploitable? If confirmed yes I'll get you a new CVE for this asap. Thanks.
The file overwrite issue is not exploitable in 1.8.20p1. However, the arbitrary tty access IS exploitable in 1.8.20p1. - todd
Current thread:
- Arbitrary terminal access via sudo on Linux Todd C. Miller (Jun 02)
- Re: Arbitrary terminal access via sudo on Linux Kurt Seifried (Jun 02)
- Re: Arbitrary terminal access via sudo on Linux Todd C. Miller (Jun 02)
- Re: Arbitrary terminal access via sudo on Linux Qualys Security Advisory (Jun 06)
- Re: Arbitrary terminal access via sudo on Linux Todd C. Miller (Jun 02)
- Re: Arbitrary terminal access via sudo on Linux Kurt Seifried (Jun 02)