MiracleLinux 4 : sudo-1.7.4p5-12.AXS4 (AXSA:2012-755:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-755:02 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Multiple Vulnerabilities (NS-SA-2022-0028)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...

NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during...

Oracle: Security Advisory (ELSA-2012-1081)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Solaris Third-Party Patch Update : sudo (cve_2012_2337_restriction_bypass)

The remote Solaris system is missing necessary patches to address security updates : - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunist...

RHEL 6 : rhev-hypervisor6 (RHSA-2012:1200)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:1200 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

openSUSE Security Update : sudo (openSUSE-SU-2012:0652-1)

sudo did not always honor the HostList setting in /etc/sudoers properly %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-293. The text description of this plugin is C SUSE LLC...

Amazon Linux AMI : sudo (ALAS-2012-110)

A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on...

Oracle Linux 5 / 6 : sudo (ELSA-2012-1081)

The remote Oracle Linux 5 / 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2012-1081 advisory. 1.7.4p5-12 - added patch for CVE-2012-2337 Resolves: rhbz829756 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

VMSA-2013-0007 : VMware ESX third-party update for Service Console package sudo

a. Service Console update for sudo The service console package sudo is updated to version 1.7.2p1-14.el58.3 The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issues addressed in this update. %NASLMINLEVEL 70300 C Tenable...

VMware ESX patch address security issues

a. Service Console update for sudoThe service console package sudo is updated to version 1.7.2p1-14.el58.3The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issue addressed in this update. Column 4 of the following table lis...

VMSA-2013-0007:VMware ESX patch address security issues

VMSA-2013-0007.1 VMware ESX third party update for Service Console package sudo VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0007.1 VMware Security Advisory Synopsis: VMware ESX third party update for Service Console package sudo VMware Security Advisory Issue date:...

SuSE 11.1 Security Update : sudo, sudo-debuginfo, sudo-debugsource (SAT Patch Number 6306)

This update fixes a security problem in sudo : Multiple netmask values used in Host / HostList configuration caused any host to be allowed access. CVE-2012-2337 Also a bug in wildcard matching could allow too relaxed matches within subdirectories of the specified path so /usr/bin/ would also matc...

Fedora Update for sudo FEDORA-2012-7998

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes multiple security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

(RHSA-2012:1185) Moderate: rhev-hypervisor5 security and bug fix update

The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine KVM hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Re...

Gentoo Security Advisory GLSA 201207-01 (sudo)

The remote host is missing updates announced in advisory GLSA 201207-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Mandriva Update for sudo MDVSA-2012:079 (sudo)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for sudo MDVSA-2012:079 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2012:079 sudo Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...