Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Sudo vulnerability (USN-8092-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8092-1 advisory. It was discovered that Sudo incorrectly checked return codes when dropping privileges to run the mailer. A local attacker could possibly use...

USN-8092-1: Sudo vulnerability

It was discovered that Sudo incorrectly checked return codes when dropping privileges to run the mailer. A local attacker could possibly use this issue to escalate privileges...

DEBIAN-CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

CVE-2017-14681

The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for p3scan.pid modification before a root script executes a "kill cat...

Ubuntu: Security Advisory (USN-1140-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...