Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.23 views

Oracle: Security Advisory (ELSA-2010-0361)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.8AI score0.01125EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.55 views

RHEL 5 : rhev-hypervisor (RHSA-2010:0476)

An updated rhev-hypervisor package that fixes two security issues, multiple bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

7.8CVSS7AI score0.03603EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : sudo (openSUSE-SU-2011:0050-1)

This update of sudo fixes : - CVE-2011-0010: Does ask for the user password for GID changes now. - CVE-2010-1646: CVSS v2 Base Score: 6.6 CWE-264: The secure environment option can handle multiple occurrence of PATH now. - CVE-2010-1163: CVSS v2 Base Score: 6.9 CWE-20: Improved command matching...

6.9CVSS7.5AI score0.00496EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.53 views

Oracle Linux 5 : sudo (ELSA-2010-0361)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2010-0361 advisory. 1.7.2p1-6 - added second patch for CVE-2010-0426 580441 Resolves: 580525 Tenable has extracted the preceding description block directly from the Oracle Linux...

6.9CVSS7.5AI score0.01125EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.32 views

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

In configurations where the ignoredot option was set to off the default is on for the Scientific Linux 5 sudo package, a local user authorized to use the sudoedit pseudo-command could possibly run arbitrary commands with the privileges of the users sudoedit was authorized to run as. CVE-2010-1163...

6.9CVSS5.5AI score0.00402EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.25 views

openSUSE Security Update : sudo (openSUSE-SU-2011:0050-1)

This update of sudo fixes : - CVE-2011-0010: Does ask for the user password for GID changes now. - CVE-2010-1646: CVSS v2 Base Score: 6.6 CWE-264: The secure environment option can handle multiple occurrence of PATH now. - CVE-2010-1163: CVSS v2 Base Score: 6.9 CWE-20: Improved command matching...

6.9CVSS7.5AI score0.00496EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2011/03/09 12:0 a.m.25 views

Gentoo Security Advisory GLSA 201006-09 (sudo)

The remote host is missing updates announced in advisory GLSA 201006-09. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

6.9CVSS6.4AI score0.00402EPSS
Exploits2References2
ALT Linux
ALT Linux
added 2010/06/01 12:0 a.m.27 views

Security fix for the ALT Linux 6 package sudo version 1:1.6.8p12-alt8

June 1, 2010 Dmitry V. Levin 1:1.6.8p12-alt8 - Backported upstream fix for CVE-2010-1163 envreset, ignoredot and securepath sudoers options all had to be explicitly disabled to make an attack possible. - Backported upstream fix for CVE-2010-1646 envreset sudoers option had to be explicitly disabl...

6.9CVSS6.2AI score0.00457EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2010/06/01 12:0 a.m.27 views

CentOS 5 : sudo (CESA-2010:0361)

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.9CVSS7.4AI score0.01125EPSS
Exploits3References4
ALT Linux
ALT Linux
added 2010/06/01 12:0 a.m.51 views

Security fix for the ALT Linux 8 package sudo version 1:1.6.8p12-alt8

June 1, 2010 Dmitry V. Levin 1:1.6.8p12-alt8 - Backported upstream fix for CVE-2010-1163 envreset, ignoredot and securepath sudoers options all had to be explicitly disabled to make an attack possible. - Backported upstream fix for CVE-2010-1646 envreset sudoers option had to be explicitly disabl...

6.9CVSS7AI score0.00457EPSS
Exploits3
Cent OS
Cent OS
added 2010/05/28 10:47 a.m.70 views

sudo security update

CentOS Errata and Security Advisory CESA-2010:0361 An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

6.9CVSS7.2AI score0.00402EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2010/04/21 12:0 a.m.29 views

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.9CVSS7.7AI score0.01125EPSS
Exploits3References3
Packet Storm
Packet Storm
added 2010/04/20 12:0 a.m.60 views

Sudo 1.7.2p5 Local Privilege Escalation

Security Advisory @ Mediaservice.net Srl 02, 19/04/2010 Data Security Division Title: sudoedit local privilege escalation through PATH manipulation Application: sudo Maurizio Agazzini Vendor Status: sudo team notified on 26/03/2010 CVE Candidate: The Common Vulnerabilities and Exposures project h...

6.9CVSS0.3AI score0.01125EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2010/04/16 7:30 p.m.38 views

CVE-2010-1163

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a...

6.9CVSS6.1AI score0.00402EPSS
Exploits2References3
OSV
OSV
added 2010/04/16 7:30 p.m.7 views

CVE-2010-1163

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a...

7.1AI score
Exploits0References28
CVE
CVE
added 2010/04/16 7:0 p.m.123 views

CVE-2010-1163

The CVE-2010-1163 issue affects sudo 1.6.8–1.7.2p5. If the PATH contains "." and a file in the CWD shares a name with a sudoers pseudo-command, a local user could invoke arbitrary commands via sudoedit, enabling privilege escalation to root. The vulnerability stems from command matching/path reso...

6.9CVSS8.1AI score0.00402EPSS
Exploits2References28Affected Software1
Rows per page
Query Builder