Lucene search
+L

22 matches found

nessus
nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2019-19234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered,...

7.5CVSS6.3AI score0.02831EPSS
Exploits0References2
f5
f5
added 2024/11/11 2:11 p.m.17 views

K000148482: Sudo vulnerability CVE-2019-19234

Security Advisory Description In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...

7.5CVSS6.1AI score0.02831EPSS
Exploits0
nessus
nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 7 : sudo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: Unauthorized privilege escalation in sudoedit CVE-2015-5602 - sudo: by using ! character in the...

7.5CVSS7.3AI score0.03295EPSS
Exploits5References5
nessus
nessus
added 2024/05/11 12:0 a.m.42 views

RHEL 6 : sudo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoe...

8.4AI score0.03295EPSS
Exploits3References8
openvas
openvas
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2020-0246)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.03295EPSS
Exploits0References5
altlinux
altlinux
added 2020/08/30 12:0 a.m.52 views

Security fix for the ALT Linux 8 package sudo version 1:1.9.2-alt1

Aug. 30, 2020 Evgeny Sinelnikov 1:1.9.2-alt1 - Update to latest release of the sudo 1.9 Fixes: CVE-2019-19232, CVE-2019-19234 - Added sudo event and I/O log server - Added send sudo I/O log to log server utility - Added selinux support - Added native audit support...

5CVSS7.8AI score0.03295EPSS
Exploits0
openvas
openvas
added 2020/07/03 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1785)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
nessus
nessus
added 2020/07/01 12:0 a.m.27 views

EulerOS Virtualization 3.0.6.0 : sudo (EulerOS-SA-2020-1785)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of ...

7.8CVSS7AI score0.19426EPSS
Exploits13References4
openvas
openvas
added 2020/06/16 12:0 a.m.37 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1662)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
openvas
openvas
added 2020/04/30 12:0 a.m.264 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1564)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
openvas
openvas
added 2020/04/16 12:0 a.m.62 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1435)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
nessus
nessus
added 2020/04/02 12:0 a.m.32 views

EulerOS Virtualization for ARM 64 3.0.6.0 : sudo (EulerOS-SA-2020-1349)

According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file...

7.8CVSS7AI score0.19426EPSS
Exploits13References4
openvas
openvas
added 2020/04/01 12:0 a.m.41 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1349)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
openvas
openvas
added 2020/03/17 12:0 a.m.25 views

Fedora: Security Advisory for sudo (FEDORA-2020-7c1b270959)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.9AI score0.03295EPSS
Exploits0References2
nessus
nessus
added 2020/03/06 12:0 a.m.45 views

Fedora 31 : sudo (2020-8b563bc5f4)

update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...

7.8CVSS6.9AI score0.19426EPSS
Exploits13References4
openvas
openvas
added 2020/02/24 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.19426EPSS
Exploits13References2
nessus
nessus
added 2020/01/16 12:0 a.m.55 views

Photon OS 1.0: Sudo PHSA-2020-1.0-0264

An update of the sudo package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0264. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid132985;...

7.5CVSS6.6AI score0.03295EPSS
Exploits0References3
redhatcve
redhatcve
added 2019/12/27 12:8 p.m.29 views

CVE-2019-19234

When an account is disabled via the shadow file, by replacing the password hash with "!", it is not considered disabled by sudo. And depending on the configuration, sudo can be run by using such disabled account. Mitigation This flaw basically allows users which have disabled account in /etc/shad...

7.5CVSS4.9AI score0.02831EPSS
Exploits0References4
osv
osv
added 2019/12/19 9:15 p.m.8 views

CVE-2019-19234

In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...

7.5CVSS7.5AI score0.02831EPSS
Exploits0References19
ubuntucve
ubuntucve
added 2019/12/19 9:15 p.m.25 views

CVE-2019-19234

In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...

7.5CVSS6.5AI score0.02831EPSS
Exploits0References3
Rows per page
Query Builder