Sudo vulnerability

2015-03-16T00:00:00
ID USN-2533-1
Type ubuntu
Reporter Ubuntu
Modified 2015-03-16T00:00:00

Description

Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions.