Oval Definition:oval:com.ubuntu.xenial:def:20171000367000
Revision Date:2017-06-05Version:1
Title:CVE-2017-1000367 on Ubuntu 16.04 LTS (xenial) - high.
Description:Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-1000367
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND The 'sudo' package in xenial was vulnerable but has been fixed (note: '1.8.16-0ubuntu1.4').
    • BACK