49 matches found
MiracleLinux 7 : sudo-1.8.6p7-23.el7 (AXSA:2017-1708:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1708:02 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
K23151384: Sudo vulnerabilities CVE-2017-1000367 and CVE-2017-1000368
Security Advisory Description CVE-2017-1000367 Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution. CVE-2017-1000368 Todd Miller's sudo version 1.8.20p1 and...
NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...
SUSE: Security Advisory (SUSE-SU-2017:1626-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1627-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1778-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:1771-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : sudo (EulerOS-SA-2020-1989)
According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1989)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in sudo, glibc affect IBM SmartCloud Entry (CVE-2017-1000368 CVE-2017-1000366)
Summary Multiple vulnerabilities have been identified in sudo and glibc. Sudo and glibc are used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the vulnerabilities Vulnerability Details CVEID: CVE-2017-1000368 DESCRIPTION: sudo could allow a local attacker to gain elevated privileges...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2017-1121)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2017-1120)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : sudo vulnerability (USN-3968-2)
USN-3968-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details : It was discovered that Sudo did not properly parse the contents of /proc/pid/stat when attempting to determine its controlling tty. A local attacker in some...
USN-3968-1: Sudo vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and...
EulerOS Virtualization 3.0.1.0 : sudo (EulerOS-SA-2019-1449)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from...
Ubuntu 16.04 LTS : Sudo vulnerabilities (USN-3968-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3968-1 advisory. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use...
Ubuntu: Security Advisory (USN-3968-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3968-1: Sudo vulnerabilities
Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. CVE-2016-7076 It was discovered that Sudo did not properly parse the...
Photon OS 1.0: Sudo PHSA-2017-0021
An update of the sudo package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121703;...
Security Bulletin: A vulnerability in sudo affects PowerKVM
Summary PowerKVM is affected by a vulnerability in sudo. IBM has now addressed this vulnerability, which is described by two CVEs. Vulnerability Details CVEID: CVE-2017-1000367 DESCRIPTION: sudo could allow a local attacker to gain elevated privileges, caused by improper parsing in the...