EUVD-2023-30399

Malicious code in bioql PyPI...

Rocky Linux 8 : systemd (RLSA-2023:3837)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3837 advisory. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the systemctl stat...

EulerOS Virtualization 2.10.1 : systemd (EulerOS-SA-2023-2470)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers...

Oracle Linux 8 : systemd (ELSA-2023-3837)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3837 advisory. - Fix CVE-2023-26604 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

CLSA-2023-1688678794 Fix CVE(s): CVE-2023-26604

SECURITY UPDATE: local privilege escalation for some Sudo configurations - debian/patches/CVE-2023-26604.patch: set LESSSECURE to 1 - CVE-2023-26604 test issue: udev-test.pl is stopped by a timeout in a virtual environment - debian/patches/fix-udev-test.patch: skip this test in some cases...

AlmaLinux 8 : systemd (ALSA-2023:3837)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3837 advisory. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the systemctl status...

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2023-1880)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2023-1832)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : systemd (SUSE-SU-2023:1776-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1776-1 advisory. - An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific...

Debian dla-3377 : libnss-myhostname - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3377 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3377-1 [email protected] https://www.debian.org/lts/security/...

SUSE SLES12 Security Update : systemd (SUSE-SU-2023:1622-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1622-1 advisory. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in whi...

CLSA-2023-1679349729 Fix CVE(s): CVE-2023-26604, CVE-2022-3821

SECURITY UPDATE: buffer overrun vulnerability in formattimespan - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 SECURITY UPDATE: a local privelege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager...

OESA-2023-1166 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed...

CVE-2023-26604

A vulnerability was found in the systemd package. The systemd package does not adequately block local privilege escalation for some Sudo configurations, for example, plausible sudoers files, in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to ...

CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...

UBUNTU-CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...

CVE-2023-26604

CVE-2023-26604 affects systemd before 247. The root cause is that systemd does not set LESSSECURE=1, allowing less to spawn as root and enabling local privilege escalation when systemctl is used from sudo. Existence of substantiated impact: local privilege escalation with high severity. Remediati...

CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...

CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...

PT-2020-6889 · Systemd +8 · Systemd +8

Name of the Vulnerable Software and Affected Versions: systemd versions prior to 247 Description: The issue is related to inadequate blocking of local privilege escalation for some Sudo configurations, specifically when the "systemctl status" command may be executed. This is due to systemd not...