Lucene search
K

1037 matches found

Tenable Nessus
Tenable Nessus
added 2023/03/02 12:0 a.m.44 views

Ubuntu 22.04 LTS : Sudo vulnerability (USN-5908-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5908-1 advisory. It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROO...

7.2CVSS6.7AI score0.01664EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2023/02/28 8:59 p.m.39 views

CVE-2023-27320

A double-free vulnerability was found in Sudo in the per-command chroot feature. This flaw exists due to a boundary error when matching a sudoer rule that contains a per-command chroot directive CHROOT=dir. By sending a specially-crafted request, a local privileged attacker can elevate privileges...

6.4CVSS7AI score0.01664EPSS
Exploits1References5
NVD
NVD
added 2023/02/28 6:15 p.m.15 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS7.2AI score0.01664EPSS
Exploits1References8
OSV
OSV
added 2023/02/28 6:15 p.m.8 views

AZL-13784 CVE-2023-27320 affecting package sudo for versions less than 1.9.13p3-1

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS6.9AI score0.01664EPSS
Exploits1References1
OSV
OSV
added 2023/02/28 6:15 p.m.1 views

DEBIAN-CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS7.2AI score0.01664EPSS
Exploits1References1
OSV
OSV
added 2023/02/28 6:15 p.m.42 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS7.2AI score
Exploits0References8
Prion
Prion
added 2023/02/28 6:15 p.m.24 views

Double free

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

5.8CVSS6.8AI score0.01664EPSS
Exploits1References8Affected Software2
OSV
OSV
added 2023/02/28 6:15 p.m.3 views

UBUNTU-CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS5.8AI score0.01664EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/02/28 12:0 a.m.21 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.3AI score0.01664EPSS
Exploits1References8
CVE
CVE
added 2023/02/28 12:0 a.m.180 views

CVE-2023-27320

CVE-2023-27320 affects sudo and is caused by a double-free in the per-command chroot feature. Public advisories indicate affected versions include sudo before 1.9.13p2 (and related subversions such as 1.9.12p2‑1 in some advisories) with fixes in newer releases. Affected platforms include Linux di...

7.2CVSS6.9AI score0.01664EPSS
Exploits1References8Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/28 12:0 a.m.2 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2AI score0.01664EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2023/02/28 12:0 a.m.47 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS6.8AI score0.01664EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2023/02/28 12:0 a.m.126 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS6.7AI score0.01664EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2023/02/28 12:0 a.m.58 views

CVE-2023-27320

Sudo before 1.9.13p2 has a double free in the per-command chroot feature...

7.2CVSS7.2AI score0.01664EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:26 p.m.24 views

K16880: Libcap vulnerability CVE-2011-4099

Security Advisory Description Description The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. CVE-2011-4099 Impact None. F5 products are not...

4.6CVSS6.1AI score0.00379EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...

7.5CVSS8.5AI score0.21157EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.5 views

SUSE CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

5CVSS7AI score0.03404EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.6 views

SUSE CVE-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...

6.4CVSS6.9AI score0.02317EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-1864

Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...

4.6CVSS6.6AI score0.0116EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-1863

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...

2.1CVSS6.6AI score0.01016EPSS
Exploits1References4
Rows per page
Query Builder