22 matches found
Oracle: Security Advisory (ELSA-2010-0675)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1)
sudo's handling of the -g command line option allowed to also specify -u in some cases, therefore allowing users to actually run commands as root CVE-2010-2956. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
CentOS Update for sudo CESA-2010:0675 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
VMSA-2011-0001 : VMware ESX third-party updates for Service Console packages glibc, sudo, and openldap
a. Service Console update for glibc The service console packages glibc, glibc-common, and nscd are each updated to version 2.5-34.4908.vmw. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues addressed in this update...
Fedora 12 : sudo-1.7.4p4-2.fc12 (2010-14996)
reset $HOME when the -i' option is used - update to new upstream version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - corrected license field value: BSD - ISC - added envkeep += HOME see rhbz614025 for backwards compatibility - added...
Fedora Update for sudo FEDORA-2010-14996
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[slackware-security] sudo
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/sudo-1.7.4p4-i486-1slack13.1.txz: Upgraded. This fixes a flaw that coul...
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2010-257-02)
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Securi...
Mandriva Update for sudo MDVSA-2010:175 (sudo)
Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:175 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for sudo FEDORA-2010-14355
Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2010-14355 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for sudo FEDORA-2010-14355
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Linux Security Advisory : sudo (MDVSA-2010:175)
A vulnerability has been found and corrected in sudo : Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a -u root sequence...
Fedora 13 : sudo-1.7.4p4-1.fc13 (2010-14355)
update to new upstream version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - corrected license field value: BSD - ISC - added envkeep += HOME see rhbz614025 for backwards compatibility - added Defaults !visiblepw - fixes CVE-2010-2956...
CVE-2010-2956
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...
CVE-2010-2956
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...
CVE-2010-2956
CVE-2010-2956 affects sudo 1.7.0–1.7.4p3 where configuring a Runas group and using -u with -g allows local privilege escalation via a crafted command line. The connected advisories (openSUSE, SUSE, Slackware, Scientific Linux, Oracle Linux, VMware/OpenVAS, MiracleLinux AXSA-2010-437:05) reference...
RedHat Update for sudo RHSA-2010:0675-01
Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2010:0675-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Ubuntu: Security Advisory (USN-983-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1)
sudo's handling of the -g command line option allowed to also specify -u in some cases, therefore allowing users to actually run commands as root CVE-2010-2956. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
RHEL 5 : sudo (RHSA-2010:0675)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2010:0675 advisory. - sudo: incorrect handling of RunAs specification with both user and group lists CVE-2010-2956 Note that Nessus has not tested for this issue but has...