
26 matches found

GithubExploit
added 2023/06/20 12:38 a.m. | 270 views

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 Analysis & Exploit Basic Information V...

CVSS 7.8 | AI score 7.1 | EPSS 0.39861
Exploits: 20
NVD
added 2022/12/21 11:15 a.m. | 14 views

CVE-2022-38060

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...

CVSS 8.8 | EPSS 0.00044
Exploits: 0 | References: 1
Tenable Nessus
added 2020/12/09 12:0 a.m. | 22 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Vulnerability (NS-SA-2020-0096)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is ...

CVSS 7.8 | AI score 7.6 | EPSS 0.88008
Exploits: 13 | References: 2
Tenable Nessus
added 2020/09/07 12:0 a.m. | 17 views

NewStart CGSL MAIN 4.05 : sudo Vulnerability (NS-SA-2020-0047)

The remote NewStart CGSL host, running version MAIN 4.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default...

CVSS 7.8 | AI score 7.6 | EPSS 0.88008
Exploits: 13 | References: 2
Debian CVE
added 2020/06/22 1:45 p.m. | 19 views

CVE-2020-8933

Removed by vendor...

CVSS 9.3 | AI score 7.6 | EPSS 0.00078
Exploits: 1
Cvelist
added 2020/01/06 7:24 p.m. | 19 views

CVE-2019-19585

An issue was discovered in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an attacker to bypass local security restrictions...

AI score 8.5 | EPSS 0.00194
Exploits: 9 | References: 3
NVD
added 2019/11/04 4:15 p.m. | 7 views

CVE-2019-18684

Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=ALL NOPASSWD:ALL" to...

CVSS 7 | AI score 6.9 | EPSS 0.00103
Exploits: 1 | References: 1
Exploit DB
added 2018/04/24 12:0 a.m. | 190 views

Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) For Full Access + Null-Free Shellcode (79 bytes)

Linux/x86 - Edit /etc/sudoers ALL ALL=ALL NOPASSWD: ALL For Full Access + Null-Free Shellcode 79 bytes. Shellcode exploit for Linux/x86 platform / Title: Edit /etc/sudoers with NOPASSWD for ALL Date: 2018-04-19 Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: edit...

AI score 0.2
Exploits: 0
Exploit DB
added 2016/08/12 12:0 a.m. | 35 views

FreePBX 13/14 - Remote Command Execution / Privilege Escalation

!/usr/bin/env python -- coding, latin-1 -- DESCRIPTION FreePBX 13 remote root 0day - Found and exploited by pgt @ nullsecurity.net AUTHOR pgt - nullsecurity.net DATE 8-12-2016 VERSION freepbx0day.py 0.1 AFFECTED VERSIONS FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta1 - 13.0.26 STA...

AI score 7.4
Exploits: 0
Tenable Nessus
added 2016/06/27 12:0 a.m. | 29 views

GLSA-201606-13 : sudo: Unauthorized privilege escalation in sudoedit

The remote host is affected by the vulnerability described in GLSA-201606-13 sudo: Unauthorized privilege escalation in sudoedit sudoedit in sudo is vulnerable to the escalation of privileges by local users via a symlink attack. This can be exploited by a file whose full path is defined using...

CVSS 7.2 | AI score 7.3 | EPSS 0.05506
Exploits: 5 | References: 2
UbuntuCve
added 2015/11/17 3:59 p.m. | 40 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

CVSS 7.2 | AI score 7 | EPSS 0.05506
Exploits: 5 | References: 2
Cvelist
added 2015/11/17 3:0 p.m. | 14 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

AI score 7.5 | EPSS 0.05506
Exploits: 5 | References: 9
seebug.org
added 2014/07/01 12:0 a.m. | 17 views

Adobe Version Cue 1.0/1.0.1 - Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl Adobe Version Cue VCNativeOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program writes data to a log file in the current working directory while running as setuid root. the logfile is formatted...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2014/06/13 12:0 a.m. | 26 views

openSUSE Security Update : sudo (openSUSE-SU-2012:0652-1)

sudo did not always honor the HostList setting in /etc/sudoers properly %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-293. The text description of this plugin is C SUSE LLC...

CVSS 7.2 | AI score 7.4 | EPSS 0.00047
Exploits: 0 | References: 3
Tenable Nessus
added 2013/12/14 12:0 a.m. | 30 views

Amazon Linux AMI : sudo (ALAS-2013-259)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

CVSS 6.9 | AI score 7.9 | EPSS 0.0813
Exploits: 8 | References: 4
Tenable Nessus
added 2013/10/11 12:0 a.m. | 47 views

Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20130930)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

CVSS 6.9 | AI score 7.8 | EPSS 0.0813
Exploits: 8 | References: 4
RedHat Linux
added 2013/09/30 8:30 p.m. | 55 views

Low: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes multiple security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CVSS 6.9 | AI score 7.4 | EPSS 0.0813
Exploits: 8 | References: 6
Packet Storm
added 2010/04/20 12:0 a.m. | 59 views

Sudo 1.7.2p5 Local Privilege Escalation

Security Advisory @ Mediaservice.net Srl 02, 19/04/2010 Data Security Division Title: sudoedit local privilege escalation through PATH manipulation Application: sudo Maurizio Agazzini Vendor Status: sudo team notified on 26/03/2010 CVE Candidate: The Common Vulnerabilities and Exposures project h...

CVSS 6.9 | AI score 0.3 | EPSS 0.0076
Exploits: 3
OpenVAS
added 2008/09/24 12:0 a.m. | 13 views

Gentoo Security Advisory GLSA 200511-15 (Smb4k)

The remote host is missing updates announced in advisory GLSA 200511-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 2.1 | AI score 7.1 | EPSS 0.00078
Exploits: 0 | References: 4
Prion
added 2007/02/03 11:28 p.m. | 9 views

Arbitrary file deletion

The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information (/etc/sudoers contents) by reading this file...

CVSS 1.9 | AI score 5.7 | EPSS 0.0006
Exploits: 0 | References: 14 | Affected Software: 1