sudo contains a flaw that may allow a malicious user to gain unauthorized privileges. The issue is triggered when a user is able to run Perl scripts via sudo and those scripts do not have the taint flag (-T). This flaw may lead to a loss of integrity.
Local Access Required
Loss of Integrity
Patch / RCS
Upgrade to version 1.6.8p12 or higher, as it has been reported to fix this vulnerability. An administrator can also apply the following workaround: add
'Defaults env_delete+="PERLLIB PERL5LIB PERL5OPT"'
to the top of the sudoers file to strip out the offending variables.
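
An added example (not part of the original advisory or of sudo itself): a Python check that reads sudoers text and reports which of the three variables named above are not covered by a global Defaults env_delete entry. It tracks only what the sudoers text sets, does not follow include files, and its function names and sample policies are constructed for illustration.

```python
import re

REQUIRED = {"PERLLIB", "PERL5LIB", "PERL5OPT"}  # variables named in the advisory

# Matches '!env_delete' (clears the list) or env_delete with =, += or -=
# followed by a quoted or bare value.
SETTING = re.compile(
    r'(!)\s*env_delete\b|\benv_delete\s*(\+=|-=|=)\s*(?:"([^"]*)"|([^\s,]+))')

def logical_lines(text):
    """Join backslash-continued lines, then drop comments and blank lines."""
    for line in re.sub(r'\\\n', ' ', text).splitlines():
        line = line.split('#', 1)[0].strip()
        if line:
            yield line

def missing_from_env_delete(sudoers_text):
    """Return the REQUIRED variables that no global Defaults line deletes."""
    deleted = set()
    for line in logical_lines(sudoers_text):
        # Global entries only: scoped forms such as 'Defaults:user' or
        # 'Defaults@host' do not protect every invocation, so they are skipped.
        m = re.match(r'Defaults\s+(.*)', line)
        if not m:
            continue
        for neg, op, quoted, bare in SETTING.findall(m.group(1)):
            names = set((quoted or bare).split())
            if neg:
                deleted = set()      # !env_delete empties the list
            elif op == '=':
                deleted = names      # plain '=' replaces the list
            elif op == '+=':
                deleted |= names     # '+=' appends, as in the workaround
            else:
                deleted -= names     # '-=' removes entries again
    return REQUIRED - deleted

# Constructed sample policies, not taken from any real system.
WORKAROUND = 'Defaults env_delete+="PERLLIB PERL5LIB PERL5OPT"\nroot ALL=(ALL) ALL\n'
PARTIAL = ('Defaults env_delete+="PERLLIB"\n'
           'Defaults:alice env_delete+="PERL5LIB PERL5OPT"\n')

if __name__ == "__main__":
    for name, text in (("workaround", WORKAROUND), ("partial", PARTIAL)):
        gaps = sorted(missing_from_env_delete(text))
        print(name, "OK" if not gaps else "missing: " + " ".join(gaps))
```
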