19 matches found
MiracleLinux 4 : sudo-1.8.6p3-12.AXS4 (AXSA:2014-027:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-027:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while loggin...
SUSE: Security Advisory (SUSE-SU-2013:0793-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2013:1594-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Improper Input Validation
The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain...
OracleVM 3.2 : sudo (OVMSA-2016-0079)
The remote OracleVM system is missing necessary patches to address critical security updates : - added patch for CVE-2014-0106: certain environment variables not sanitized when envreset is disabled Resolves: rhbz1072210 - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-277...
Amazon Linux: Security Advisory (ALAS-2013-259)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 6 : sudo (CESA-2013:1701)
An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Amazon Linux AMI : sudo (ALAS-2013-259)
A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...
Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20131121)
A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's...
sudo security, bug fix and enhancement update
1.8.6p3-12 - added patches for CVE-2013-1775 CVE-2013-2777 CVE-2013-2776 Resolves: rhbz1015355 1.8.6p3-11 - sssd: fixed a bug in ipahostname processing Resolves: rhbz853542 1.8.6p3-10 - sssd: fixed buffer size for the ipahostname value Resolves: rhbz853542 1.8.6p3-9 - sssd: match against...
RedHat Update for sudo RHSA-2013:1701-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for sudo RHSA-2013:1701-02
Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2013:1701-02 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
SuSE 11.2 Security Update : sudo (SAT Patch Number 7705)
This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...
SuSE 10 Security Update : sudo (ZYPP Patch Number 8562)
This update fixes the following security issues which allowed to bypass the sudo authentication: CVE-2013-1775 / CVE-2013-1776 / CVE-2013-2776 / CVE-2013-2777. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
CVE-2013-2777
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...
CVE-2013-2777
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...
CVE-2013-2777
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...
CVE-2013-2777
CVE-2013-2777 affects sudo before 1.7.10p5 and 1.8.x before 1.8.6p6 when tty_tickets is enabled. The flaw is improper validation of the controlling terminal device, allowing a local user with sudo privileges to hijack the authorization of another terminal by interacting with the session without a...
CVE-2013-2777
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the ttytickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...