Sudo Heap Corruption Vulnerability

Bugtraq ID: 2829
Class: Boundary Condition Error
CVE:
Remote: No
Local: Yes
Published: Feb 22 2001 12:00AM
Updated: Feb 22 2001 12:00AM
Credit: Reportedly discovered by Chris Wilson <chris@ritc.co.uk>.
Vulnerable: Todd Miller Sudo 1.6.3 p5
Todd Miller Sudo 1.6.3 p4
+ Slackware Linux 7.1
Todd Miller Sudo 1.6.3 p3
Todd Miller Sudo 1.6.3 p2
Todd Miller Sudo 1.6.3 p1
Todd Miller Sudo 1.6.3
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
Todd Miller Sudo 1.6.2
- Debian Linux 2.2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.5.9
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4
Todd Miller Sudo 1.5.8
Todd Miller Sudo 1.5.7
Todd Miller Sudo 1.5.6
Not Vulnerable: Todd Miller Sudo 1.6.3 p7
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Slackware Linux 8.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Todd Miller Sudo 1.6.3 p6
+ Guardian Digital Engarde Secure Linux 1.0.1
+ Guardian Digital Engarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 alpha
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 7.0


 

Privacy Statement
Copyright 2010, SecurityFocus