28 matches found
EUVD-2011-0035
Malware in sbrugna...
NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Multiple Vulnerabilities (NS-SA-2022-0028)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...
NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...
NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)
The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during...
VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check)
The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in sudo in file parse.c due to a failure to properly interpret a system group %group in the sudoers configuration file when handling authorization decisions for...
Oracle: Security Advisory (ELSA-2009-0267)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : sudo on SL5.x i386/x86_64
A flaw was discovered in a way sudo handled group specifications in 'run as' lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands...
VMSA-2009-0009 : ESX Service Console updates for udev, sudo, and curl
a. Service Console package udev A vulnerability in the udev program did not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. The Common Vulnerabilities and Exposures Project cve.mitre.org has...
Mandriva Linux Security Advisory : sudo (MDVSA-2011:018)
Multiple vulnerabilities has been found and corrected in sudo : A a patch for parse.c in sudo does not properly interpret a system group aka %group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers...
Mandriva Update for sudo MDVSA-2011:018 (sudo)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for sudo MDVSA-2011:018 (sudo)
Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2011:018 sudo Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for sudo FEDORA-2011-0470
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Authorization
A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain roo...
CVE-2011-0008
CVE-2011-0008 relates to a bug in parse.c of sudo before 1.7.4p5-1.fc14 (Fedora 14) where a system group (the %group) in sudoers could be misinterpreted during authorization for a user who belongs to that group. This regression (tied to CVE-2009-0034) allows a local user to leverage an applicable...
Mandriva Linux Security Advisory : sudo (MDVSA-2009:033)
A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root CVE-2009-0034. The updated packages have been patched to prevent this. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Todd Miller Sudo Runas_Alias组本地权限提升漏洞
BUGTRAQ ID: 33517 CVECAN ID: CVE-2009-0034 Sudo是一款允许用户以其他用户权限安全地执行命令的程序,广泛使用在Linux和Unix操作系统下。 sudo在确认用户属于哪个组的时候sudo中的parse.c文件没有正确地解释sudoer配置文件中的系统组(也被称为%group),本地用户可以利用run-as-user-in-group功能无需口令认证便以root用户权限执行sudo命令。 Todd Miller Sudo 1.6.9p17 - 1.6.9p19 厂商补丁: RedHat ------...
Ubuntu USN-722-1 (sudo)
The remote host is missing an update to sudo announced via advisory USN-722-1. OpenVAS Vulnerability Test $Id: ubuntu7221.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7221.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-722-1 sudo Authors: Thomas Reinke...
Ubuntu: Security Advisory (USN-722-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: sudo
The remote host is missing an update to the system as announced in the referenced advisory. VID 13d6d997-f455-11dd-8516-001b77d09812 OpenVAS Vulnerability Test $ Description: Auto generated from VID 13d6d997-f455-11dd-8516-001b77d09812 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:033 (sudo)
The remote host is missing an update to sudo announced via advisory MDVSA-2009:033. OpenVAS Vulnerability Test $Id: mdksa2009033.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:033 sudo Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...