CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
40.1%
USN-6005-1 fixed vulnerabilities in Sudo. This update
provides the corresponding updates for Ubuntu 16.04 LTS.
Original advisory details:
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly
escaped control characters in log messages and sudoreplay output. An
attacker could possibly use these issues to inject terminal control
characters that alter output when being viewed.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | sudo-ldap | < 1.8.16-0ubuntu1.10+esm2 | UNKNOWN |
Ubuntu | 16.04 | noarch | sudo | < 1.8.16-0ubuntu1.10 | UNKNOWN |
Ubuntu | 16.04 | noarch | sudo-dbgsym | < 1.8.16-0ubuntu1.10 | UNKNOWN |
Ubuntu | 16.04 | noarch | sudo-ldap | < 1.8.16-0ubuntu1.10 | UNKNOWN |
Ubuntu | 16.04 | noarch | sudo-ldap-dbgsym | < 1.8.16-0ubuntu1.10 | UNKNOWN |
Ubuntu | 16.04 | noarch | sudo | < 1.8.16-0ubuntu1.10+esm2 | UNKNOWN |