Contributed by Dengue on from the sudo dept.
"a vulnerability has been found in the 'sudo' command. a properly formed shell prompt can be used to execute commands outside the scope of your authorization via a heap corruption. the vulnerabiluty was found by Global InterSec. version 1.6.6 fixes these problems (and others, as well). announcement on bugtraq: http://archives.neohapsis.com/archives/bugtraq/2002-04/0350.html and openbsd patch: http://www.openbsd.org/errata.html#sudo "
(Comments are closed)