sudo -- Potential bypass of sudo_noexec.so via wordexp()
Todd C. Miller reports:
A flaw exists in sudo's noexec functionality that may allow
a user with sudo privileges to run additional commands even when the
NOEXEC tag has been applied to a command that uses the wordexp()
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright