22 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered,...
K000148482: Sudo vulnerability CVE-2019-19234
Security Advisory Description In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...
RHEL 7 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: Unauthorized privilege escalation in sudoedit CVE-2015-5602 - sudo: by using ! character in the...
RHEL 6 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoe...
Mageia: Security Advisory (MGASA-2020-0246)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 8 package sudo version 1:1.9.2-alt1
Aug. 30, 2020 Evgeny Sinelnikov 1:1.9.2-alt1 - Update to latest release of the sudo 1.9 Fixes: CVE-2019-19232, CVE-2019-19234 - Added sudo event and I/O log server - Added send sudo I/O log to log server utility - Added selinux support - Added native audit support...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1785)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : sudo (EulerOS-SA-2020-1785)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of ...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1662)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1564)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1435)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : sudo (EulerOS-SA-2020-1349)
According to the versions of the sudo package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1349)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for sudo (FEDORA-2020-7c1b270959)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : sudo (2020-8b563bc5f4)
update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1135)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Sudo PHSA-2020-1.0-0264
An update of the sudo package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0264. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid132985;...
CVE-2019-19234
When an account is disabled via the shadow file, by replacing the password hash with "!", it is not considered disabled by sudo. And depending on the configuration, sudo can be run by using such disabled account. Mitigation This flaw basically allows users which have disabled account in /etc/shad...
CVE-2019-19234
In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...
CVE-2019-19234
In Sudo through 1.8.29, the fact that a user has been blocked e.g., by using the ! character in the shadow file instead of a password hash is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...