25 matches found
RHEL 5 : rhev-hypervisor (RHSA-2010:0476)
An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...
Oracle Linux 5 : sudo (ELSA-2010-0122)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2010-0122 advisory. 1.6.9p17-6 - added patches for CVE-2010-0426 and CVE-2010-0427 Resolves: 567689 Tenable has extracted the preceding description block directly from the...
Scientific Linux Security Update : sudo on SL5.x i386/x86_64
CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution CVE-2010-0427 sudo: Fails to reset group permissions if runasdefault set A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers fi...
CentOS Update for sudo CESA-2010:0122 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
An updated rhev-hypervisor package that fixes multiple security issues and several bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Gentoo Security Advisory GLSA 201003-01 (sudo)
The remote host is missing updates announced in advisory GLSA 201003-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mandriva Update for sudo MDVSA-2010:052 (sudo)
Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:052 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for sudo MDVSA-2010:052 (sudo)
Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:052 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
openSUSE Security Update : sudo (sudo-2083)
This update fixes two security issues : - CVE-2010-0427:CVSS v2 Base Score: 6.6 Sudo failed to properly reset group permissions, when 'runasdefault' option was used. If a local, unprivileged user was authorized by sudoers file to perform their sudo commands under default user account, it could le...
openSUSE Security Update : sudo (sudo-2083)
This update fixes two security issues : - CVE-2010-0427:CVSS v2 Base Score: 6.6 Sudo failed to properly reset group permissions, when 'runasdefault' option was used. If a local, unprivileged user was authorized by sudoers file to perform their sudo commands under default user account, it could le...
openSUSE Security Update : sudo (sudo-2083)
This update fixes two security issues : - CVE-2010-0427:CVSS v2 Base Score: 6.6 Sudo failed to properly reset group permissions, when 'runasdefault' option was used. If a local, unprivileged user was authorized by sudoers file to perform their sudo commands under default user account, it could le...
Debian DSA-2006-1 : sudo - several vulnerabilities
Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0426 It was discovered that sudo when a pseudo-command is enabled,...
sudo: Privilege escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the "sudoedit" pseudo-command...
[SECURITY] [DSA 2006-1] New sudo packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2006-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 02, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2006-1] New sudo packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2006-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 02, 2010 http://www.debian.org/security/faq -...
Todd Miller Sudo 'runas_default'本地特权提升漏洞
Bugraq ID: 38432 CVE ID:CVE-2010-0427 Sudo是一款允许用户以其他用户权限安全地执行命令的程序,广泛使用在Linux和Unix操作系统下。 当使用"runasdefault"选项时,sudo不正确重设组权限。如果本地非特权用户由sudoers文件授权在默认用户帐户下执行sudo命令,可导致特权提升。 Todd Miller Sudo 1.6.9 p19 Todd Miller Sudo 1.6.9 p18 Todd Miller Sudo 1.6.9 p17 Todd Miller Sudo 1.6.9 p21已经修复此漏洞,建议用户下载使用:...
DSA-2006-1 sudo - several vulnerabilities
Bulletin has no description...
Ubuntu Update for sudo vulnerabilities USN-905-1
Ubuntu Update for Linux kernel vulnerabilities USN-905-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9051.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for sudo vulnerabilities USN-905-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
USN-905-1: sudo vulnerabilities
It was discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation...
Important: Red Hat Security Advisory: sudo security update
An updated sudo package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the abilit...