15 matches found
VulnCheck KEV: CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...
SUSE CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...
SUSE CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...
GHSA-QHXV-296X-HJV7 @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution
All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function...
Design/Logic Flaw
All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function...
PT-2022-17431 · Npm · @Pendo324/Get-Process-By-Name
Name of the Vulnerable Software and Affected Versions: @pendo324/get-process-by-name versions all Description: The issue is related to Arbitrary Code Execution due to improper sanitization of the getProcessByName function. This allows for potential code execution without proper validation...
The vulnerability of the get_process_ttyname function in the Sudo system administration program allows a malicious actor to execute arbitrary commands and gain access to sensitive information.
The vulnerability of the getprocessttyname function in the Sudo system administration program exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely and gain access to sensitive information...
Sudo Input Validation Vulnerability (CNVD-2017-11317)
Sudo is a program developed by software developer Todd C. Miller for use on Unix-like operating systems that allows users to execute commands in a secure manner with special privileges. An input validation vulnerability exists in the 'getprocessttyname' function in Sudo 1.8.20p1 and earlier...
ALPINE-CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...
DEBIAN-CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...
DEBIAN-CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...
The vulnerability of the get_process_ttyname function in the system administration software Sudo may allow attackers to elevate their privileges to superuser status and execute arbitrary code.
The vulnerability of the getprocessttyname function in the Sudo system administration program is related to insufficient input data validation. The vulnerability is exploited by creating a symbolic link to the executable file of Sudo, with the file name formatted in a specific way a space followe...
UBUNTU-CVE-2017-1000368
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...
Sudo Input Validation Vulnerability
Sudo is a program developed by software developer Todd C. Miller for use on Unix-like operating systems that allows users to execute commands in a secure manner with special privileges. An input validation vulnerability exists in the 'getprocessttyname' function in Sudo 1.8.20 and earlier version...
UBUNTU-CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...