Description
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
Affected products
- Debian / debian_linux2.1 – 2.1
- RedHat / linux6.0 – 6.0
- todd_miller / sudo1.5 – 1.5