11 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5602
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in...
RHEL 7 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: Unauthorized privilege escalation in sudoedit CVE-2015-5602 - sudo: by using ! character in the...
RHEL 5 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: noexec bypass via wordexp CVE-2016-7076 - sudo before 1.8.12 does not ensure that the TZ environmen...
NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)
The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during...
Fedora 23 : sudo-1.8.15-1.fc23 (2015-386863df8a)
sudo-1.8.15-1.fc21 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc22 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc23 - update to 1.8.15 - fixes CVE-2015-5602 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
Fedora 22 : sudo-1.8.15-1.fc22 (2015-6a267387c0)
sudo-1.8.15-1.fc21 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc22 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc23 - update to 1.8.15 - fixes CVE-2015-5602 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...
FreeBSD : sudo -- potential privilege escalation via symlink misconfiguration (2e8cdd36-c3cc-11e5-b5fe-002590263bf5)
MITRE reports : sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by '/home///file.txt.' %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
CVE-2015-5602
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home///file.txt."...
Mageia: Security Advisory (MGASA-2015-0443)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sudo 1.8.14 - Unauthorized Privilege Vulnerability
Exploit for linux platform in category local exploits Exploit Title: sudo -e - a.k.a. sudoedit - unauthorized privilege escalation Date: 07-23-2015 Exploit Author: Daniel Svartman Version: Sudo ALL=root NOPASSWD: sudoedit /home///test.txt Then, logged as that user, create a subdirectory within it...
Sudo 1.8.14 (RHEL 5/6/7 / Ubuntu) - 'Sudoedit' Unauthorized Privilege Escalation
Exploit Title: sudo -e - a.k.a. sudoedit - unauthorized privilege escalation Date: 07-23-2015 Exploit Author: Daniel Svartman Version: Sudo ALL=root NOPASSWD: sudoedit /home///test.txt Then, logged as that user, create a subdirectory within its home folder e.g. /home//newdir and later create a...