A flaw exists in sudo’s -e option (aka sudoedit) in sudo versions 1.6.8 through 1.7.2p5 that may give a user with permission to run sudoedit the ability to run arbitrary commands. This bug is related to, but distinct from, CVE-2010-0426. Sudo versions affected: 1.6.8 through 1.7.2p5 inclusive. CVE ID: This vulnerability has been assigned CVE-2010-1163 in the Common Vulnerabilities and Exposures database.
