265 matches found
EulerOS 2.0 SP5 : sudo (EulerOS-SA-2023-1516)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
PT-2023-34963 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue concerns a potential array out-of-bound in the add secret dac path function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2023-35122 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns a potential array out-of-bound in the add secret dac path function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
EulerOS 2.0 SP8 : sudo (EulerOS-SA-2023-1337)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
Heap-Based Buffer Over-Read
sudo is vulnerable to Heap-Based Buffer Over-Read. The vulnerability exists in crypt password backend, which contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that may result in a heap-based buffer over-read, that can be triggered by arbitrary local users with access to Sudo by...
EulerOS 2.0 SP9 : sudo (EulerOS-SA-2023-1113)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
EulerOS 2.0 SP9 : sudo (EulerOS-SA-2023-1137)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-1022)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-1047)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a...
GLSA-202211-08 : sudo: Heap-Based Buffer Overread
The remote host is affected by the vulnerability described in GLSA-202211-08 sudo: Heap-Based Buffer Overread - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can...
FreeBSD : sudo -- Potential out-of-bounds write for small passwords (3310014a-5ef9-11ed-812b-206a8a720317)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3310014a-5ef9-11ed-812b-206a8a720317 advisory. - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current sudo Vulnerability (SSA:2022-309-01)
The version of sudo installed on the remote host is prior to 1.9.12p1. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-309-01 advisory. - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that...
Heap overflow
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
CVE-2022-43995
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
Sudo 缓冲区错误漏洞
Sudo is a program used on Unix-like systems that allows users to execute commands in a secure manner with special privileges. A buffer error vulnerability exists in Sudo versions 1.8.0 through 1.9.12, which stems from the presence of an array out-of-bounds error that could result in a heap-based...
CVE-2022-43995
Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...
CVE-2022-43995
CVE-2022-43995 affects the sudo package, versions 1.8.0 through 1.9.12 with the crypt() password backend. The root cause is a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can cause a heap-based buffer over-read. It can be triggered by arbitrary local users who have access to sudo ...
CVE-2022-41583
CVE-2022-41583 relates to Huawei HarmonyOS storage module, specifically a vulnerability in the storage maintenance and debugging component that allows an array out-of-bounds read. Exploitation could corrupt statistics for the storage dimension module (as described in multiple sources). The primar...
PT-2022-33969 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.142 Description: The issue concerns an array out of bounds access in the gpio-fan component of the Linux Kernel's hwmon subsystem. The actual impact and potential for attack have not been proven yet...
GSD-2022-1004969 hwmon: (gpio-fan) Fix array out of bounds access
hwmon: gpio-fan Fix array out of bounds access This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...