151 matches found
USN-5811-2 sudo vulnerability
USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has...
USN-5811-1 sudo vulnerabilities
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. CVE-2023-22809 It was discovered that the...
DEBIAN-CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
ALPINE-CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
Design/Logic Flaw
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
CVE-2023-22809
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
[SECURITY] [DLA 3272-1] sudo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3272-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 18, 2023 https://wiki.debian.org/LTS -...
CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
UBUNTU-CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
The vulnerability of the sudoedit command in the system administration program Sudo, which allows a hacker to gain access to confidential data
The vulnerability of the sudoedit command in system administration programs related to incorrect definition of symbolic links before accessing a file. Exploiting this vulnerability allows an attacker to gain access to confidential data...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...
CLSA-2021-1634925704 Fixed CVE-2021-23240 in sudo
sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh...
CLSA-2021-1625650209 Fix of CVE: CVE-2021-23240
sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is an exploit module/toolkit targeting the CVE-2021-3156 sudo vulnerability, dubbed Baron Samedit by Qualys. The target product/service is the sudo command, and the vulnerability class/vector is a heap-based overflow. The probable entry point is the sudoedit function, which is a part of the...
Oracle Linux 8 : sudo (ELSA-2021-1723)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-1723 advisory. - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 ...
sudo security and bug fix update
1.8.29-7 - RHEL 8.4 ERRATUM - CVE-2021-3156 Resolves: rhbz1917734 - CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhzb1916434 - CVE-2021-23240 sudo: symbolic link attack in SELinux-enabled sudoedit Resolves: rhbz1917038 - updated upstream url...
sudo: possible directory existence test due to race condition in sudoedit
A flaw was found in sudoedit. A race condition vulnerability and improper symbolic link resolution could be used by a local unprivileged user to test for the existence of directories and files not normally accessible to the user. This flaw cannot be used to read the content or write to arbitrary...
sudo: symbolic link attack in SELinux-enabled sudoedit
A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux is enabled, this flaw allows a malicious user with sudoedit permissions to set the owner of an arbitrary file to the user ID of the target user, potentially leading...