15 matches found
EUVD-2025-150364
sudo-rs doesn't record authenticating user properly in timestamp...
Alibaba Cloud Linux 3 : 0113: sudo (ALINUX3-SA-2022:0113)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0113 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14287: In Sudo before 1.8.28, an...
RHSA-2023:0291 Red Hat Security Advisory: sudo security update
Bulletin has no description...
RHSA-2021:0226 Red Hat Security Advisory: sudo security update
Bulletin has no description...
SUSE-SU-2023:1699-1 Security update for sudo
This update for sudo fixes the following issue: Security fixes: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361. Other fixes: - Fix a situation where 'sudo -U...
PT-2022-5350 · Sudo +5 · Sudo +5
Name of the Vulnerable Software and Affected Versions: Sudo versions 1.8.0 through 1.9.12 Description: The issue is related to an array-out-of-bounds error in the plugins/sudoers/auth/passwd.c file of the Sudo program when using the crypt password backend. This error can result in a heap-based...
CVE-2019-18634
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...
SUSE-SU-2019:2667-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers bsc1153674...
DSA-4543-1 sudo - security update
Bulletin has no description...
DLA-970-1 sudo - security update
Bulletin has no description...
DSA-3867-1 sudo - security update
Bulletin has no description...
CVE-2010-2956
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence...
CVE-2010-1646
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...
Heap overflow in sudo
Heap overflow in -p switch processing...
Переполнение буфера в sudo (buffer overflow)
Переполнение буфера...