Family: Debian Local Security Checks --> Category: infos
[DSA128] DSA-128-1 sudo Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
fc found a buffer overflow in the variable expansion code
used by sudo for its prompt. Since sudo is necessarily installed suid
root a local user can use this to gain root access.
This has been fixed in version 1.6.2-2.2 for the stable distribution
of Debian and version 1.6.6-1 for the testing/unstable distribution.
We recommend that you upgrade your sudo package immediately.
Solution : http://www.debian.org/security/2002/dsa-128
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.