45 matches found
Arbitrary Code Execution
sudo is vulnerable to arbitrary code execution. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignoredot option in the "/etc/sudoers" configuration file. This ability introduced a regression in the upstream fix for...
RHEL 5 : rhev-hypervisor (RHSA-2010:0476)
An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
Oracle Linux 5 : sudo (ELSA-2010-0122)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2010-0122 advisory. 1.6.9p17-6 - added patches for CVE-2010-0426 and CVE-2010-0427 Resolves: 567689 Tenable has extracted the preceding description block directly from the...
Scientific Linux Security Update : sudo on SL5.x i386/x86_64
CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution CVE-2010-0427 sudo: Fails to reset group permissions if runasdefault set A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers fi...
CentOS Update for sudo CESA-2010:0122 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 11 : sudo-1.7.2p6-1.fc11 (2010-6749)
update to new upstream version - merged .audit and .libaudit patch - added sudoers.ldap.5 to files - http://sudo.ws/sudo/alerts/sudoeditescalate2.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...
Fedora 12 : sudo-1.7.2p5-1.fc12 (2010-3359)
update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 11 : sudo-1.7.2p5-1.fc11 (2010-3415)
update to new upstream version - backported changes from F-12 - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora 13 : sudo-1.7.2p5-1.fc13 (2010-3352)
update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CentOS 5 : sudo (CESA-2010:0361)
An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora Update for sudo FEDORA-2010-6749
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
sudo security update
1.7.2p1-6 - added second patch for CVE-2010-0426 580441 Resolves: 580525...
Ubuntu: Security Advisory (USN-928-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for sudo vulnerability USN-928-1
Ubuntu Update for Linux kernel vulnerabilities USN-928-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9281.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for sudo vulnerability USN-928-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : sudo vulnerability (USN-928-1)
Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...
USN-928-1: Sudo vulnerability
Valerio Costamagna discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command when the PATH contained only a dot '.'. If securepath and ignoredot were disabled, a local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
An updated rhev-hypervisor package that fixes multiple security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
FreeBSD Ports: sudo
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Gentoo Security Advisory GLSA 201003-01 (sudo)
The remote host is missing updates announced in advisory GLSA 201003-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: sudo
The remote host is missing an update to the system as announced in the referenced advisory. VID 018a84d0-2548-11df-b4a3-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 018a84d0-2548-11df-b4a3-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...