SUSE CVE-2025-45311

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...

CVE-2025-45311

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...

Local Privilege Escalation

github.com/linuxdeepin/lastore-daemon is vulnerable to Local Privilege Escalation. The vulnerability is due to insecure D-Bus configuration due to allowing users in the sudo group to invoke the InstallPackage method without authentication, enabling arbitrary code execution as root via crafted .de...

VyOS restricted-shell Escape and Privilege Escalation

This module exploits command injection vulnerabilities and an insecure default sudo configuration on VyOS versions 1.0.0 use exploit/linux/ssh/vyosrestrictedshellprivesc msf exploitvyosrestrictedshellprivesc show targets ...targets... msf exploitvyosrestrictedshellprivesc set TARGET msf...

sudo-snooper - Python script to fool sudo users

sudo-snooper acts like the original sudo binary to fool users into entering their passwords. It will show a fake prompt just like the original to the user to enter their sudo password. This can be useful in penetration tests or security evaluations for testing user knowledge. Installation steps...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

security flaw

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...

sudo: Arbitrary command execution

Background sudo allows a system administrator to give users the ability to run commands as other users. Description The sudoers file is used to define the actions sudo users are permitted to perform. Charles Morris discovered that a specific layout of the sudoers file could cause the results of a...

GLSA-200506-22 : sudo: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200506-22 sudo: Arbitrary command execution The sudoers file is used to define the actions sudo users are permitted to perform. Charles Morris discovered that a specific layout of the sudoers file could cause the results of an...