4723 matches found
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1566)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora: Security Advisory for sudo (FEDORA-2023-cb5df36beb)
The remote host is missing an update for the...
[SECURITY] Fedora 36 Update: sudo-1.9.13-1.p2.fc36
Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
Fedora 36 : sudo (2023-cb5df36beb)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cb5df36beb advisory. Security fix for CVE-2023-27320. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
EulerOS 2.0 SP10 : sudo (EulerOS-SA-2023-1566)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR,...
OESA-2023-1166 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed...
OESA-2023-1160 sudo security update
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Sudo before 1.9.13p2 has a double free in the per-command...
CVE-2023-28487
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the "sudoreplay -l" command improperly escapes terminal control characters. As sudo's log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands,...
CVE-2023-28486
A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands,...
SUSE CVE-2023-28486
Sudo before 1.9.13 does not escape control characters in log messages...
SUSE CVE-2023-28487
Sudo before 1.9.13 does not escape control characters in sudoreplay output...
CVE-2023-28486
Sudo before 1.9.13 does not escape control characters in log messages...
CVE-2023-28487
Sudo before 1.9.13 does not escape control characters in sudoreplay output...
DEBIAN-CVE-2023-28487
Sudo before 1.9.13 does not escape control characters in sudoreplay output...
DEBIAN-CVE-2023-28486
Sudo before 1.9.13 does not escape control characters in log messages...
Code injection
Sudo before 1.9.13 does not escape control characters in log messages...