Lucene search
K

45 matches found

Veracode
Veracode
added 2020/04/10 12:48 a.m.30 views

Arbitrary Code Execution

sudo is vulnerable to arbitrary code execution. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignoredot option in the "/etc/sudoers" configuration file. This ability introduced a regression in the upstream fix for...

6.9CVSS2.3AI score0.01125EPSS
Exploits3References30Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.55 views

RHEL 5 : rhev-hypervisor (RHSA-2010:0476)

An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

7.8CVSS7AI score0.03603EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.39 views

Oracle Linux 5 : sudo (ELSA-2010-0122)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2010-0122 advisory. 1.6.9p17-6 - added patches for CVE-2010-0426 and CVE-2010-0427 Resolves: 567689 Tenable has extracted the preceding description block directly from the...

6.9CVSS7.6AI score0.01125EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.30 views

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution CVE-2010-0427 sudo: Fails to reset group permissions if runasdefault set A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers fi...

6.9CVSS7.8AI score0.01125EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.34 views

CentOS Update for sudo CESA-2010:0122 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS7.7AI score0.01125EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.25 views

Fedora 11 : sudo-1.7.2p6-1.fc11 (2010-6749)

update to new upstream version - merged .audit and .libaudit patch - added sudoers.ldap.5 to files - http://sudo.ws/sudo/alerts/sudoeditescalate2.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...

6.9CVSS7.4AI score0.01125EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.26 views

Fedora 12 : sudo-1.7.2p5-1.fc12 (2010-3359)

update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

6.9CVSS8AI score0.01125EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.24 views

Fedora 11 : sudo-1.7.2p5-1.fc11 (2010-3415)

update to new upstream version - backported changes from F-12 - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

6.9CVSS8.2AI score0.01125EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.36 views

Fedora 13 : sudo-1.7.2p5-1.fc13 (2010-3352)

update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

6.9CVSS8AI score0.01125EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2010/06/01 12:0 a.m.27 views

CentOS 5 : sudo (CESA-2010:0361)

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS7.4AI score0.01125EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2010/05/07 12:0 a.m.27 views

Fedora Update for sudo FEDORA-2010-6749

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS7.8AI score0.01125EPSS
Exploits2References2
Oracle linux
Oracle linux
added 2010/04/20 12:0 a.m.39 views

sudo security update

1.7.2p1-6 - added second patch for CVE-2010-0426 580441 Resolves: 580525...

6.9CVSS1.7AI score0.01125EPSS
Exploits3
OpenVAS
OpenVAS
added 2010/04/16 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.8AI score0.01125EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2010/04/16 12:0 a.m.33 views

Ubuntu Update for sudo vulnerability USN-928-1

Ubuntu Update for Linux kernel vulnerabilities USN-928-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9281.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for sudo vulnerability USN-928-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

6.9CVSS0.1AI score0.01125EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2010/04/16 12:0 a.m.30 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : sudo vulnerability (USN-928-1)

Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...

6.9CVSS8AI score0.01125EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2010/04/15 4:15 p.m.85 views

USN-928-1: Sudo vulnerability

Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...

8AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/03/24 3:46 p.m.45 views

Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update

An updated rhev-hypervisor package that fixes multiple security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.8CVSS7.3AI score0.12426EPSS
Exploits12References5
OpenVAS
OpenVAS
added 2010/03/16 12:0 a.m.18 views

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.9CVSS7.7AI score0.01125EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2010/03/16 12:0 a.m.25 views

Gentoo Security Advisory GLSA 201003-01 (sudo)

The remote host is missing updates announced in advisory GLSA 201003-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.9CVSS0.8AI score0.01125EPSS
Exploits4
OpenVAS
OpenVAS
added 2010/03/16 12:0 a.m.37 views

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 018a84d0-2548-11df-b4a3-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 018a84d0-2548-11df-b4a3-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

6.9CVSS7.8AI score0.01125EPSS
Exploits2
Rows per page
Query Builder