• info
• discussion
• exploit
• solution
• references

Todd Miller Sudo Kerberos Authentication Local Authentication Bypass Weakness

To exploit this issue, attackers use the affected 'sudo' utility itself, along with a fake KDC.