The vulnerability of the sudo system administration program, related to the activation of functions from an untrusted controlled area when using the "-R" ("--chroot") option, allows a perpetrator to execute arbitrary code and increase their privileges.

The vulnerability of the sudo system administration program relates to the inclusion of functions from an unverified controlled area when the "-R" "--chroot" option is used. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and increase their privileges by placing t...

[SECURITY] [DSA 3867-1] sudo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3867-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 30, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3867-1] sudo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3867-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 30, 2017 https://www.debian.org/security/faq -...

DEBIAN-CVE-2010-3853

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

CVE-2008-3825

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...