Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : sudo-1.8.6p3-12.AXS4 (AXSA:2014-027:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-027:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while loggin...

6.9CVSS8.1AI score0.03202EPSS
Exploits8References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2013:0793-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.8AI score0.03202EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2013:1594-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.8AI score0.03202EPSS
Exploits8References2
Veracode
Veracode
added 2019/05/02 4:59 a.m.32 views

Improper Input Validation

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain...

6.9CVSS8.3AI score0.03202EPSS
Exploits8References21Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/06/22 12:0 a.m.30 views

OracleVM 3.2 : sudo (OVMSA-2016-0079)

The remote OracleVM system is missing necessary patches to address critical security updates : - added patch for CVE-2014-0106: certain environment variables not sanitized when envreset is disabled Resolves: rhbz1072210 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-277...

6.9CVSS6.1AI score0.03202EPSS
Exploits10References6
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.32 views

Amazon Linux: Security Advisory (ALAS-2013-259)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.9AI score0.03202EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.41 views

CentOS 6 : sudo (CESA-2013:1701)

An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.9CVSS8.1AI score0.03202EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.37 views

CentOS 5 : sudo (CESA-2013:1353)

An updated sudo package that fixes multiple security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

6.9CVSS7.9AI score0.03202EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2013/12/14 12:0 a.m.32 views

Amazon Linux AMI : sudo (ALAS-2013-259)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

6.9CVSS7.9AI score0.03202EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2013/12/10 12:0 a.m.36 views

Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20131121)

A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...

6.9CVSS8.1AI score0.03202EPSS
Exploits8References4
Oracle linux
Oracle linux
added 2013/11/25 12:0 a.m.50 views

sudo security, bug fix and enhancement update

1.8.6p3-12 - added patches for CVE-2013-1775 CVE-2013-2777 CVE-2013-2776 Resolves: rhbz1015355 1.8.6p3-11 - sssd: fixed a bug in ipahostname processing Resolves: rhbz853542 1.8.6p3-10 - sssd: fixed buffer size for the ipahostname value Resolves: rhbz853542 1.8.6p3-9 - sssd: match against...

6.9CVSS0.4AI score0.03202EPSS
Exploits8
OpenVAS
OpenVAS
added 2013/11/21 12:0 a.m.28 views

RedHat Update for sudo RHSA-2013:1701-02

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2013:1701-02 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

6.9CVSS0.1AI score0.03202EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2013/11/21 12:0 a.m.37 views

RedHat Update for sudo RHSA-2013:1701-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.8AI score0.03202EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2013/05/16 12:0 a.m.36 views

SuSE 10 Security Update : sudo (ZYPP Patch Number 8562)

This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

6.9CVSS7.8AI score0.03202EPSS
Exploits8References8
Tenable Nessus
Tenable Nessus
added 2013/05/16 12:0 a.m.39 views

SuSE 11.2 Security Update : sudo (SAT Patch Number 7705)

This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

6.9CVSS7.8AI score0.03202EPSS
Exploits8References12
NVD
NVD
added 2013/04/08 5:55 p.m.21 views

CVE-2013-2776

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

4.4CVSS6.3AI score0.00373EPSS
Exploits0References17
OSV
OSV
added 2013/04/08 5:55 p.m.11 views

CVE-2013-2776

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

6.3AI score
Exploits0References17
UbuntuCve
UbuntuCve
added 2013/04/08 5:55 p.m.27 views

CVE-2013-2776

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

4.4CVSS7AI score0.00373EPSS
Exploits0References9
CVE
CVE
added 2013/04/08 5:0 p.m.84 views

CVE-2013-2776

CVE-2013-2776 affects sudo versions 1.3.5–1.7.10p5 and 1.8.0–1.8.6p6, where, on systems without /proc or with tty_tickets enabled, sudo fails to properly validate the controlling terminal. This allows a local user with sudo permissions to hijack another user’s authorization by interacting with th...

4.4CVSS8.1AI score0.00373EPSS
Exploits0References17Affected Software1
Cvelist
Cvelist
added 2013/04/08 5:0 p.m.29 views

CVE-2013-2776

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the ttytickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another...

7.9AI score0.00373EPSS
Exploits0References17
Rows per page
Query Builder