1037 matches found
Ubuntu 22.04 LTS : Sudo vulnerability (USN-5908-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5908-1 advisory. It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROO...
CVE-2023-27320
A double-free vulnerability was found in Sudo in the per-command chroot feature. This flaw exists due to a boundary error when matching a sudoer rule that contains a per-command chroot directive CHROOT=dir. By sending a specially-crafted request, a local privileged attacker can elevate privileges...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
AZL-13784 CVE-2023-27320 affecting package sudo for versions less than 1.9.13p3-1
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
DEBIAN-CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
Double free
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
UBUNTU-CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
CVE-2023-27320 affects sudo and is caused by a double-free in the per-command chroot feature. Public advisories indicate affected versions include sudo before 1.9.13p2 (and related subversions such as 1.9.12p2‑1 in some advisories) with fixes in newer releases. Affected platforms include Linux di...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
K16880: Libcap vulnerability CVE-2011-4099
Security Advisory Description Description The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. CVE-2011-4099 Impact None. F5 products are not...
SUSE CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail...
SUSE CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
SUSE CVE-2004-0792
Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...
SUSE CVE-2006-1864
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1863...
SUSE CVE-2006-1863
Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864...