
Sudo Perl Environment Variable Handling Security Bypass Vulnerability

Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. The issue stems from an error in how the application handles the 'PERLLIB', 'PERL5LIB', and 'PERL5OPT' environment variables when tainting is ignored.

An attacker can exploit this vulnerability to bypass security restrictions and include arbitrary library files.

To exploit this vulnerability, an attacker must be able to run Perl scripts through Sudo.
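
An added example, not part of the original advisory: a Python check that flags sudoers `Defaults` entries which can let the three variables named above reach a command run through Sudo. The sample policy is constructed and the function names are hypothetical; `env_reset` and `env_keep` are standard sudoers options.

```python
import re
PERL_VARS = ("PERLLIB", "PERL5LIB", "PERL5OPT")  # variables named in the advisory
KEEP_RE = re.compile(r'\benv_keep\s*(\+=|-=|=)\s*(?:"([^"]*)"|([^\s,]+))')
NO_RESET_RE = re.compile(r'!\s*env_reset\b')

# Constructed sudoers fragment for illustration (user and script path are made up).
SAMPLE = r'''# sample policy
Defaults env_reset
Defaults env_keep += "LANG PERL5LIB"
Defaults:deploy env_keep += "PERL*", \
    !env_reset
Defaults env_keep -= "PERL5OPT"
deploy ALL = (root) /usr/local/bin/report.pl
'''

def logical_lines(text):
    """Yield (first_line_number, line) with backslash continuations joined."""
    buf, start = "", 0
    for num, raw in enumerate(text.splitlines(), 1):
        start = start or num
        if raw.endswith("\\"):
            buf += raw[:-1]
            continue
        yield start, (buf + raw).strip()
        buf, start = "", 0
    if buf:
        yield start, buf.strip()

def matches(pattern, var):  # sudoers-style match: '*' is the only wildcard
    rx = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(rx, var) is not None

def audit_sudoers(text):
    """Flag Defaults entries that can let the Perl variables reach the command."""
    findings = []
    for num, line in logical_lines(text):
        if not line.startswith("Defaults"):
            continue  # comments, aliases and user specs are out of scope
        if NO_RESET_RE.search(line):
            findings.append((num, "env_reset disabled"))
        for op, quoted, bare in KEEP_RE.findall(line):
            if op == "-=":
                continue  # removing a name from the keep list is not a risk
            for entry in (quoted or bare).split():
                name = entry.split("=", 1)[0]  # env_keep also accepts VAR=value
                hits = [v for v in PERL_VARS if matches(name, v)]
                if hits:
                    findings.append((num, f"env_keep {entry!r} keeps {', '.join(hits)}"))
    return findings
```

Calling `audit_sudoers()` on the text of a sudoers file returns `(line_number, message)` pairs; an empty list means no `Defaults` entry keeps these variables or disables `env_reset`.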







 

Copyright 2009, SecurityFocus