A single-byte heap corruption bug exists in sudo versions 1.6.3p5 and below. Exploitation of the bug requires in-depth knowledge of the system malloc internals. The bug has been exploited on Linux and can allow an attacker to gain root privileges. No known exploits exist for other operating systems but this should not be considered a Linux-only problem.
1.3.0 - 1.6.3p5 (inclusive)
... ➦