42 matches found
CVE-2026-22536 PRIVILEGE ESCALATION VIA SUDO COMMAND
The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictions...
EUVD-2016-0916
Malware in sbrugna...
EUVD-2010-1193
Malware in sbrugna...
EUVD-2017-5224
Malware in sbrugna...
EUVD-2021-28174
Malicious code in bioql PyPI...
Ensure That Common Users Run Privileged Programs Using the sudo Command
The sudo command enables a specified common user to execute certain programs with the root permission. Most system management commands need to be executed by the root user. For the system administrator, properly authorizing other users can reduce the burden of the system administrator. However,...
[SECURITY] Fedora 42 Update: sudo-1.9.17-2.p1.fc42
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
GHSA-98CV-WQJX-WX8F sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders
Summary Users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . PoC As root: mkdir /tmp/foo chmod a-rwx /tmp/foo touch /tmp/foo/secretfile As a user without any or limited sudo rights: $ sudo --list...
Ensure That Common Users Run Privileged Programs Using the sudo Command
The sudo command enables a specified common user to execute certain programs with the root permission. Most system management commands need to be executed by the root user. For the system administrator, properly authorizing other users can reduce the burden of the system administrator. However,...
CVE-2024-9875
Okta Privileged Access server agent SFTD versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerability, upgrade the Okta Privileged Access server agent SFTD to version 1.87.1 or greater...
Progress Flowmon 12.3.5 Local sudo Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Progress Flowmon Local sudo privilege escalation', 'Description' = %q This module abuses a feature of the sudo command on Progress Flowmon. Certa...
Kemp LoadMaster Local sudo Privilege Escalation Exploit
This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,...
Fortinet FortiNAC Elevation of Privilege Vulnerability
Fortinet FortiNAC is a network access control solution from Fortinet, a US-based company. Fortinet FortiNAC has an elevation of privilege vulnerability that can be exploited to elevate privileges to root via the sudo command...
CVE-2021-41021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
Privilege escalation
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
CVE-2021-41021
FortiNAC has a privilege escalation vulnerability (CVE-2021-41021) affecting FortiNAC versions 8.8.8 and below and 9.1.2 and below, enabling an admin to escalate to root via sudo. The connected sources identify the affected scope and impact but do not provide exploitation details or explicit reme...
CVE-2021-41021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
CVE-2021-41021
A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...
Important: sudo
Issue Overview: When sudo runs a command in shell mode, either via the -s or -i command line option, it escapes special characters in the command's arguments with a backslash. The sudoers policy plugin will then remove the escape characters from the arguments before evaluating the sudoers policy...
sudo -- Multiple vulnerabilities
Todd C. Miller reports: When invoked as sudoedit, the same set of command line options are now accepted as for sudo -e. The -H and -P options are now rejected for sudoedit and sudo -e which matches the sudo 1.7 behavior. This is part of the fix for CVE-2021-3156. Fixed a potential buffer overflow...