Sudo · Sudo · CVE-2015-8239
**Name of the Vulnerable Software and Affected Versions**
sudo versions after 1.8.7
**Description**
The issue concerns the SHA-2 digest support in the sudoers plugin, allowing local users with write permissions to parts of the called command to replace them before execution.
**Recommendations**
For versions after 1.8.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.