TencentOS Server 4: sudo (TSSA-2024:0278)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0278 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

BELL-CVE-2023-27320 CVE-2023-27320 does not affect BellSoft software

Bulletin has no description...

EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-2278)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 Note that Tenable Network Security has extracted the...

EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-2302)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 Note that Tenable Network Security has extracted the...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-2302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-2278)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : sudo (EulerOS-SA-2023-2078)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-2078)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-2130)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-27320 affecting package sudo 1.9.12p2-1

CVE-2023-27320 affecting package sudo 1.9.12p2-1. An upgraded version of the package is available that resolves this issue...

CBL Mariner 2.0 Security Update: sudo (CVE-2023-27320)

The version of sudo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27320 advisory. - Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 Note that Nessus has...

CVE-2023-27320 affecting package sudo for versions less than 1.9.13p3-1

CVE-2023-27320 affecting package sudo for versions less than 1.9.13p3-1. An upgraded version of the package is available that resolves this issue...

USN-5908-1: Sudo vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROOT setting, a local attacker could use this...

Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2023-135)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-135 advisory. Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487 Tenable has...

Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2023-133)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-133 advisory. Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 Tenable has extracted the preceding description block directly from the tested product security advisory. Note th...

Fedora 36 : sudo (2023-cb5df36beb)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cb5df36beb advisory. Security fix for CVE-2023-27320 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

OESA-2023-1172 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Sudo before 1.9.13p2 has a double free in the per-command...

Fedora: Security Advisory for sudo (FEDORA-2023-d2d6ec2a32)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Ubuntu: Security Advisory (USN-5908-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Sudo vulnerability (USN-5908-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5908-1 advisory. It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROO...