Lucene search
K

151 matches found

RedHat Linux
RedHat Linux
added 2023/01/23 9:31 a.m.5 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:27 a.m.8 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:23 a.m.5 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:23 a.m.5 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:22 a.m.6 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:21 a.m.5 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:0 a.m.6 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
RedHat Linux
RedHat Linux
added 2023/01/23 8:59 a.m.6 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8CVSS7.3AI score0.55367EPSS
Exploits20References6
OpenVAS
OpenVAS
added 2023/01/23 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2023:0116-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS9AI score0.55367EPSS
Exploits20References5
OpenVAS
OpenVAS
added 2023/01/23 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2023:0114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.55367EPSS
Exploits20References2
OSV
OSV
added 2023/01/20 9:26 a.m.8 views

SUSE-SU-2023:0117-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References4
OSV
OSV
added 2023/01/20 9:26 a.m.4 views

SUSE-SU-2023:0116-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References4
OSV
OSV
added 2023/01/20 9:23 a.m.6 views

SUSE-SU-2023:0115-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References3
BDU FSTEC
BDU FSTEC
added 2023/01/20 12:0 a.m.6 views

The vulnerability of the sudoedit function in the system administration program Sudo, which allows a hacker to escalate their privileges.

The vulnerability of the sudoedit function in the system administration program Sudo is related to errors in processing additional arguments in the environment variables. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...

7.5CVSS7.1AI score0.55367EPSS
Exploits20References19Affected Software11
OpenVAS
OpenVAS
added 2023/01/20 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2023:0100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS9AI score0.55367EPSS
Exploits20References4
OSV
OSV
added 2023/01/19 11:13 a.m.2 views

SUSE-SU-2023:0101-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References3
OSV
OSV
added 2023/01/19 9:27 a.m.5 views

SUSE-SU-2023:0100-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References3
NCSC
NCSC
added 2023/01/19 12:0 a.m.7 views

Vulnerability fixed in sudo

A vulnerability has been fixed in sudo's -e option also known as sudoedit. A malicious person with sudoedit privileges can exploit the exploit the vulnerability to edit arbitrary files. In this way, the malicious party can obtain elevated privileges on the vulnerable system. The developers of sud...

7.8CVSS7.3AI score0.55367EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2023/01/19 12:0 a.m.33 views

Debian dla-3272 : sudo - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3272 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3272-1 [email protected] https://www.debian.org/lts/security/...

7.8CVSS7.8AI score0.55367EPSS
Exploits20References4
Tenable Nessus
Tenable Nessus
added 2023/01/19 12:0 a.m.148 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Sudo vulnerabilities (USN-5811-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5811-1 advisory. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit...

7.8CVSS7.7AI score0.55367EPSS
Exploits21References3
Rows per page
Query Builder