A flaw exists in sudo’s noexec functionality that may allow a user with sudo privileges to run additional commands even when the NOEXEC tag has been applied to a command that uses either the system() or popen() functions. Sudo versions affected: 1.6.8 through 1.8.14p3 inclusive. CVE ID: This vulnerability has been assigned CVE-2016-7032 in the Common Vulnerabilities and Exposures database.
