CVE-2002-0184

High

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root…

mitre·CWE-131·Published 2002-05-16

CVSS

7.8

EPSS

0.01

KEV

Exploits

Vendor statements (8)

cve.orgen

230 chars

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.

NVDes

216 chars

Desbordamiento del montón (heap) en sudo anteriores a 1.6.6 puede permitir a usuarios locales ganar privilegios de root mediante caractéres especiales en el argumento -p (prompt), que no son expandidos adecuadamente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.2	3.9	10.0	AV:L/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H