7 matches found
FreeBSD : sudo-rs -- Authenticating user not recorded properly in timestamp (bf6c9252-c2ec-11f0-8372-98b78501ef2a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bf6c9252-c2ec-11f0-8372-98b78501ef2a advisory. Trifecta Tech Foundation reports: With Defaults targetpw or Defaults rootpw enabled, the password of th...
sudo-rs doesn't record authenticating user properly in timestamp
Summary When Defaults targetpw or Defaults rootpw is enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs prior to 0.2.10 incorrectly recorded the invoking user’s UID instead of the authenticated-as user's UID in the...
GHSA-Q428-6V73-FC4Q sudo-rs doesn't record authenticating user properly in timestamp
Summary When Defaults targetpw or Defaults rootpw is enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs prior to 0.2.10 incorrectly recorded the invoking user’s UID instead of the authenticated-as user's UID in the...
CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
UBUNTU-CVE-2025-64517
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
CVE-2025-64517 sudo-rs doesn't record authenticating user properly in timestamp
sudo-rs is a memory safe implementation of sudo and su written in Rust. With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs starting in version 0.2.5 and prior to version 0.2.10...
sudo-rs -- Authenticating user not recorded properly in timestamp
Trifecta Tech Foundation reports: With Defaults targetpw or Defaults rootpw enabled, the password of the target account or root account instead of the invoking user is used for authentication. sudo-rs prior to 0.2.10 incorrectly recorded the invoking user’s UID instead of the authenticated-as...