Vulnerability identifier: #VU6846

Vulnerability risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-1000367

CWE-ID: CWE-77

Exploitation vector: Local

Exploits in database: 3

• April 7, 2020
  • CVE-Exploit-Script () [Github]
• March 18, 2020
  • sudo_exploit (own implementation of the CVE-2017-1000367 sudo privilege escalation vulnerability in python) [Github]
  • Sudo - 'get_process_ttyname()' Privilege Escalation [Exploit-DB]

Impact: Information disclosure and data manipulation

Vulnerable software:
Sudo
Client/Desktop applications / Software for system administration

Vendor: Sudo