166 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - sudo vulnerability

In Sudo version 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by executing sudo with a numerical UID that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability, as executing a command via sudo as...

7.5 CVSS | 6.9 AI score | 0.02868 EPSS
Exploits 0 | References 2
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - sudo vulnerability

In Sudo version 1.8.29, the fact that a user has been blocked (for example, by using the “!” character in the shadow file instead of a password hash) was not taken into consideration. This allows an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The...

7.5 CVSS | 6.8 AI score | 0.04075 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 7 : sudo-1.8.23-10.el7.3 (AXSA:2023-4846:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4846:02 advisory. sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809). Tenable has extracted the preceding description block directly from the...

7.8 CVSS | 8.1 AI score | 0.39861 EPSS
Exploits 20 | References 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 3 views

MiracleLinux 9 : sudo-1.9.5p2-7.el9.1 (AXSA:2023-4872:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4872:03 advisory. sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809). Tenable has extracted the preceding description block directly from the...

7.8 CVSS | 8.1 AI score | 0.39861 EPSS
Exploits 20 | References 2
RedhatCVE
added 2026/01/09 11:41 a.m. | 4 views

CVE-2001-1517

RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying tha...

2.1 CVSS | 6.9 AI score | 0.00879 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/01/09 11:40 a.m. | 5 views

CVE-2001-1518

RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the...

2.1 CVSS | 6.8 AI score | 0.01608 EPSS
Exploits 1 | References 1
OSV
added 2025/11/07 11:1 a.m. | 33 views

BIT-WILDFLY-2022-0866

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

5.3 CVSS | 7 AI score | 0.00272 EPSS
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2019-1697

Malware in sbrugna...

4.9 CVSS | 5.2 AI score | 0.04427 EPSS
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2001-1495

Malware in sbrugna...

2.1 CVSS | 6.4 AI score | 0.01608 EPSS
Exploits 1 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-15908

Malicious code in bioql PyPI...

5.3 CVSS | 5.4 AI score | 0.00272 EPSS
Exploits 0 | References 11
RedhatCVE
added 2025/05/22 10:5 a.m. | 4 views

CVE-2019-0962

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'...

4.9 CVSS | 7 AI score | 0.04427 EPSS
Exploits 0 | References 1
0day.today
added 2024/09/14 12:0 a.m. | 407 views

Windows Escalate UAC Execute RunAs Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...

7.4 AI score
Exploits 0
Packet Storm
added 2024/09/12 12:0 a.m. | 305 views

Windows Escalate UAC Execute RunAs

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...

7.4 AI score
Exploits 0
Tenable Nessus
added 2024/04/28 12:0 a.m. | 15 views

RHEL 5 : sudo (RHSA-2019:4191)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:4191 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

9 CVSS | 7.6 AI score | 0.85814 EPSS
Exploits 10 | References 4
Veracode
added 2023/10/02 7:12 p.m. | 23 views

Denial Of Service (DoS)

Firefox ESR is vulnerable to Denial Of Service (DoS). The vulnerability occurs if Windows does not duplicate a handle during process creation. In such cases, the sandbox code may unintentionally free a pointer twice, leading to a use-after-free situation and a potentially exploitable crash. This bu...

9.8 CVSS | 7 AI score | 0.00445 EPSS
Exploits 0 | References 5 | Affected Software 1
RedHat Linux
added 2023/05/23 2:6 p.m. | 3 views

sudo: arbitrary file write with privileges of the RunAs user

A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...

7.8 CVSS | 7.3 AI score | 0.39861 EPSS
Exploits 20 | References 6
SUSE CVE
added 2023/02/15 6:0 a.m. | 3 views

SUSE CVE-2010-0427

sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command...

4.4 CVSS | 7.1 AI score | 0.00078 EPSS
Exploits 2 | References 4
SUSE CVE
added 2023/02/15 5:57 a.m. | 1 views

SUSE CVE-2010-2956

Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...

6.2 CVSS | 9.3 AI score | 0.00078 EPSS
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 5:55 a.m. | 1 views

SUSE CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

4.4 CVSS | 7.2 AI score | 0.00112 EPSS
Exploits 0 | References 4
SUSE CVE
added 2023/02/15 5:52 a.m. | 2 views

SUSE CVE-2011-2527

The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host...

2.1 CVSS | 6.6 AI score | 0.00088 EPSS
Exploits 0 | References 4