Ubuntu: 928-1 Critical: Sudo Local Exploit and Code Execution Risk
ubuntu
April 15, 2010
==========================================================Ubuntu Security Notice USN-928-1 April 15,
Valerio Costamagna discovered that sudo did not properly validate the pathfor the 'sudoedit' pseudo-command when the PATH contained only a dot ('.').If secure_path and ignore_dot w...