10 matches found
FreeBSD Ports: sudo
The remote host is missing an update to the system as announced in the referenced advisory. VID bdd1537b-354c-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname...
CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname...
CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname...
Debian DSA-596-2 : sudo - missing input sanitising
Liam Helmer noticed that sudo, a program that provides limited super user privileges to specific users, does not clean the environment sufficiently. Bash functions and the CDPATH variable are still passed through to the program running as privileged user, leaving possibilities to overload system...
CVE-2004-1051
Technical details about CVE-2004-1051 are not publicly available in the provided documents. Monitor for updates as new information may be published.
CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname...
CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname...
Mandrake Linux Security Advisory : sudo (MDKSA-2004:133)
Liam Helmer discovered a flow in sudo's environment sanitizing. This flaw could allow a malicious users with permission to run a shell script that uses the bash shell to run arbitrary commands. The problem is fixed in sudo 1.6.8p2; the provided packages have been patched to correct the issue...
DSquare Exploit Pack: D2SEC_SUDO
Name| d2secsudo ---|--- CVE| CVE 2004-1051 Exploit Pack| D2ExploitPack Description| Sudo bash command execution Vulnerability Notes|...