sudo < 1.6.6 - Heap-Based Buffer Overflow via Prompt Argument Expansion
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.