Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : sudo-1.8.6p3-19.AXS4 (AXSA:2015-227:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-227:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

3.3CVSS5.7AI score0.0047EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2014-9680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for rea...

3.3CVSS6.3AI score0.0047EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 5 : sudo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: noexec bypass via wordexp CVE-2016-7076 - sudo before 1.8.12 does not ensure that the TZ environmen...

7.8CVSS6.9AI score0.03295EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.16 views

RHEL 4 : sudo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sudo: unsafe handling of TZ environment variable CVE-2014-9680 Note that Nessus has not tested for this issue but h...

3.3CVSS6.9AI score0.0047EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.16 views

Debian: Security Advisory (DLA-160-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS4.3AI score0.0047EPSS
Exploits3References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 7:48 p.m.83 views

Security Bulletin: A vulnerability in sudo affects IBM Security Network Intrusion Prevention System (CVE-2014-9680)

Summary A security vulnerability has been discovered in sudo used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-9680 DESCRIPTION: Todd Miller sudo could allow a local attacker to bypass security restrictions, caused by the failure to check the TZ...

3.3CVSS4.7AI score0.0047EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2015-0079)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.4AI score0.0047EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.28 views

NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during...

7.8CVSS7.6AI score0.99295EPSS
Exploits108References25
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2015:0985-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.6CVSS5AI score0.0047EPSS
Exploits3References12
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2016:2904-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.00493EPSS
Exploits1References8
OSV
OSV
added 2017/04/24 6:59 a.m.5 views

CVE-2014-9680

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

3.3CVSS3.8AI score
Exploits0References7
NVD
NVD
added 2017/04/24 6:59 a.m.17 views

CVE-2014-9680

sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as demonstrated by interfering with terminal output,...

3.3CVSS4AI score0.0047EPSS
Exploits1References5
CVE
CVE
added 2017/04/24 6:12 a.m.200 views

CVE-2014-9680

CVE-2014-9680 : sudo before 1.8.12 fails to sanitize the TZ environment variable, allowing a local attacker to bypass restrictions and potentially cause a denial of service or read/open unauthorized files via a sudo session. Connected advisories/docs corroborate local-execution impact and recomme...

3.3CVSS3.8AI score0.0047EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/11/25 12:0 a.m.36 views

SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2016:2904-1)

This update for sudo fixes the following security issues : - Fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality : - noexec bypass via system and popen CVE-2016-7032, bsc1007766 - noexec bypass via wordexp CVE-2016-7076, bsc1007501 - Fix unsafe handling of TZ...

7.8CVSS6.4AI score0.00493EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2015/11/20 12:0 a.m.34 views

openSUSE Security Update : sudo (openSUSE-2015-687)

sudo was updated to fix one security issue. This security issue was fixed : - CVE-2014-9680: Unsafe handling of TZ environment variable bsc917806. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

3.3CVSS5.4AI score0.0047EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/11/05 12:0 a.m.24 views

openSUSE Security Update : sudo (openSUSE-2015-703)

sudo was updated to fix one security issue. This security issue was fixed : - CVE-2014-9680: Unsafe handling of TZ environment variable bsc917806. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

3.3CVSS5.4AI score0.0047EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.17 views

Oracle: Security Advisory (ELSA-2015-1409)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.3AI score0.0047EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.32 views

Gentoo Security Advisory GLSA 201504-02

Gentoo Linux Local Security Checks GLSA 201504-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

3.3CVSS5.2AI score0.0047EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/08/04 12:0 a.m.28 views

Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20150722)

It was discovered that sudo did not perform any checks of the TZ environment variable value. If sudo was configured to preserve the TZ environment variable, a local user with privileges to execute commands via sudo could possibly use this flaw to achieve system state changes not permitted by the...

3.3CVSS5.8AI score0.0047EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/07/31 12:0 a.m.26 views

OracleVM 3.3 : sudo (OVMSA-2015-0103)

The remote OracleVM system is missing necessary patches to address critical security updates : - RHEL-6.7 erratum - modified the authlogicfix patch to fix 1144448 - fixed a bug in the ldapusermatchfix patch Resolves: rhbz1144448 Resolves: rhbz1142122 - RHEL-6.7 erratum - fixed the...

3.3CVSS5.6AI score0.0047EPSS
Exploits1References2
Rows per page
Query Builder