sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by /home///file.txt.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sudo | Sudo_project | * | 1.8.14 |