MiracleLinux 4 : sudo-1.8.6p3-25.AXS4 (AXSA:2016-1156:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-1156:02 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while loggi...

Linux Distros Unpatched Vulnerability : CVE-2016-7032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudonoexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the 1 system o...

Debian: Security Advisory (DLA-707-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2904-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3968-3: Sudo vulnerabilities

USN-3968-1 fixed several vulnerabilities in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2017-1004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in sudo.

Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details Summary IBM Dynamic System Analysis DSA Preboot has addressed the following vulnerabilities in sudo. Vulnerability Details CVEID: CVE-2016-7032 Description: Sudo could allow ...

Virtuozzo 7 : sudo / sudo-devel (VZLSA-2016-2872)

An update for sudo is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

CentOS Update for sudo CESA-2016:2872 centos7

Check the version of sudo SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882742";...

OracleVM 3.3 / 3.4 : sudo (OVMSA-2017-0110)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fixes CVE-2017-1000367 Resolves: rhbz1455399 - Update noexec syscall blacklist - Fixes CVE-2016-7032, CVE-2016-7076 Resolves: rhbz1391938 - RHEL-6.9 erratum - Fix race condition when creating...

EulerOS 2.0 SP1 : sudo (EulerOS-SA-2017-1004)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen, or wordexp C librar...

CVE-2016-7032

sudonoexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the 1 system or 2 popen function...

CVE-2016-7032

CVE-2016-7032 (sudo noexec bypass) A local attacker could exploit sudo_noexec.so in Sudo to bypass noexec restrictions by calling system() or popen. Affected software: sudo before 1.8.15 on Linux. Underlying issue: bypass of the sudo noexec restriction when an application uses system() or popen, ...

Amazon Linux AMI : sudo (ALAS-2017-780)

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system or popen C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute...

Medium: sudo

Issue Overview: It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system or popen C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw t...

Scientific Linux Security Update : sudo on SL6.x, SL7.x i386/x86_64 (20161206)

Security Fixes : - It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen, or wordexp C library functions with a user-supplied argument. A local user permitted to run such application via sudo with noexec restriction could us...

CentOS Update for sudo CESA-2016:2872 centos6

Check the version of sudo SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882609";...

sudo security update

CentOS Errata and Security Advisory CESA-2016:2872 An update for sudo is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whic...

RedHat Update for sudo RHSA-2016:2872-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 / 3.4 : sudo (OVMSA-2016-0170)

The remote OracleVM system is missing necessary patches to address critical security updates : - Update noexec syscall blacklist - Fixes CVE-2016-7032, CVE-2016-7076 Resolves: rhbz1391937 - RHEL-6.8 erratum - fixed a bug causing that non-root users can list privileges of other users Resolves:...