4723 matches found
Important: sudo
Issue Overview: In sudo-1.8.23-10.amzn2.3.6 Amazon Linux 2 and sudo-1.8.23-10.58.amzn1 Amazon Linux 1, a user with an entry in the sudoers file, enabling them to run commands as another unprivileged user, can leverage it to run commands as root. No prior versions are affected. This issue has been...
Important: sudo
Issue Overview: In sudo-1.8.23-10.amzn2.3.6 Amazon Linux 2 and sudo-1.8.23-10.58.amzn1 Amazon Linux 1, a user with an entry in the sudoers file, enabling them to run commands as another unprivileged user, can leverage it to run commands as root. No prior versions are affected. This issue has been...
CLSA-2024-1708639645 sudo: Fix of CVE-2023-42465
Remove sudo-1.9.15-CVE-2023-42465.patch due to bug...
sudo: Fix of CVE-2023-42465
Remove sudo-1.9.15-CVE-2023-42465.patch due to bug...
CLSA-2024-1708639566 sudo: Fix of CVE-2023-42465
Remove sudo-1.9.15-CVE-2023-42465.patch due to bug...
CentOS 8 : sudo (CESA-2024:0811)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0811 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
CLSA-2024-1708428112 sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
CLSA-2024-1708427919 sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
CLSA-2024-1708426650 sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
CLSA-2024-1708426423 sudo: Fix of CVE-2023-42465
CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...
[SECURITY] Fedora 38 Update: sudo-1.9.15-1.p5.fc38
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
Fedora 38 : sudo (2024-6fa5af9ea8)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-6fa5af9ea8 advisory. Rabase to 1.9.15p5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora: Security Advisory for sudo (FEDORA-2024-6fa5af9ea8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
sudo: Sudo does not escape control characters in sudoreplay output
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the "sudoreplay -l' command improperly escapes terminal control characters. As sudo's log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands,...
Moderate: Red Hat Security Advisory: sudo security update
A security update for sudo is now available for Red Hat Enterprise Linux 8 and 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
sudo: Targeted Corruption of Register and Stack Variables
A flaw was found in the sudo package. This issue could allow a local authenticated attacker to cause a bit to flip, which enables fault injection and may authenticate as the root user...
sudo: Sudo does not escape control characters in log messages
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands,...
AlmaLinux 9 : sudo (ALSA-2024:0811)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0811 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
Oracle Linux 8 / 9 : sudo (ELSA-2024-0811)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0811 advisory. - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output Resolves: RHEL-21834 - CVE-2023-28486 sudo: Sudo does not escap...