38 matches found
RHEL 6 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoe...
Rocky Linux 8 : sudo (RLSA-2021:1723)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1723 advisory. - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1296)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : sudo Vulnerability (NS-SA-2022-0100)
The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by a vulnerability: - selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a...
AlmaLinux 8 : sudo (ALSA-2021:1723)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1723 advisory. - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c...
Mageia: Security Advisory (MGASA-2021-0042)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2021-1625650209 Fix of CVE: CVE-2021-23240
sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh...
Advisory ROSA-SA-2021-1980
Software: sudo 1.8.23 OS: Cobalt 7.9 CVE-ID: CVE-2021-23239 CVE-Crit: LOW CVE-DESC: The sudoedit personality in sudo before 1.9.5 can allow a local unprivileged user to perform arbitrary directory existence tests by winning the sudoedit.c race condition when replacing a user-controlled directory...
Oracle Linux 8 : sudo (ELSA-2021-1723)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1723 advisory. - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 ...
sudo security and bug fix update
1.8.29-7 - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz1917038 - updated upstream url...
CentOS 8 : sudo (CESA-2021:1723)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1723 advisory. - sudo: possible directory existence test due to race condition in sudoedit CVE-2021-23239 - sudo: symbolic link attack in SELinux-enabled sudoedit...
Low: Red Hat Security Advisory: sudo security and bug fix update
An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Low: sudo security and bug fix update
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: symbolic link attack in SELinux-enabled...
sudo security and bug fix update
An update is available for sudo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators to...
SUSE: Security Advisory (SUSE-SU-2021:0227-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for sudo (openSUSE-SU-2021:0169-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS Virtualization 2.9.1 : sudo (EulerOS-SA-2021-1726)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...
EulerOS Virtualization 2.9.0 : sudo (EulerOS-SA-2021-1757)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1757)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1520)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...