EUVD-2016-7956

Malware in sbrugna...

Ubuntu 16.04 LTS : Sudo vulnerabilities (USN-3968-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3968-1 advisory. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use...

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

Design/Logic Flaw

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

CVE-2016-7076

CVE-2016-7076 affects the sudo utility prior to version 1.8.18p1. The root cause is a bypass of the noexec restriction when a user-supplied argument is passed to the C library function wordexp() during execution via sudo, enabling a local user to run an application with noexec and potentially exe...

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...

CentOS Update for sudo CESA-2016:2872 centos7

Check the version of sudo SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882742";...

Scientific Linux Security Update : sudo on SL6.x, SL7.x i386/x86_64 (20161206)

Security Fixes : - It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen, or wordexp C library functions with a user-supplied argument. A local user permitted to run such application via sudo with noexec restriction could us...

sudo security update

CentOS Errata and Security Advisory CESA-2016:2872 An update for sudo is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whic...

[SECURITY] [DLA 707-1] sudo security update

Package : sudo Version : 1.8.5p2-1+nmu3+deb7u2 CVE ID : CVE-2016-7032 CVE-2016-7076 Debian Bug : 842507 It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system, popen or wordexp C library functions with a user supplied argument. A...

DLA-707-1 sudo - security update

Bulletin has no description...

CVE-2016-7032

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system or popen C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use this flaw to execute...

CVE-2016-7076

It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute...