4723 matches found
GHSA-RVXR-PF5F-J2QJ OpenStack Kolla sudo privilege escalation vulnerability
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...
OpenStack Kolla sudo privilege escalation vulnerability
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...
CVE-2022-38060
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...
Privilege escalation
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges...
OpenStack code issue vulnerability
OpenStack is a cloud platform management program of the National Aeronautics and Space Administration (NASA). OpenStack suffers from a security vulnerability that stems from an elevation of privileges vulnerability in the sudo function, where a misconfiguration in /etc/sudoers within a container...
OpenStack Kolla sudo privilege escalation vulnerability
Talos Vulnerability Report TALOS-2022-1589: OpenStack Kolla sudo privilege escalation vulnerability. December 20, 2022. CVE Number: CVE-2022-38060. Summary: A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers...
Intel Data Center Manager 5.1 Local Privilege Escalation Vulnerability
The latest version 5.1 and all prior versions of Intel's Data Center Manager are vulnerable to a local privilege escalation vulnerability using the application user "dcm" used to run the web application and the REST interface. An attacker who gained remote code execution using this dcm user i.e....
Intel Data Center Manager 5.1 Local Privilege Escalation
RCE Security Advisory (https://www.rcesecurity.com). 1. ADVISORY INFORMATION. Product: Intel Data Center Manager. Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html. Type: Incorrect Use of Privileged APIs (CWE-648). Date...
CVE-2022-43995 affecting package sudo for versions less than 1.9.12p1-1
CVE-2022-43995 affecting package sudo for versions less than 1.9.12p1-1. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2022:4280-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE SLES12 Security Update : sudo (SUSE-SU-2022:4280-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4280-1 advisory. - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can...
SUSE-SU-2022:4280-1 Security update for sudo
This update for sudo fixes the following issues: Security fixes: - CVE-2022-43995: Fixed a potential heap-based buffer over-read when entering a password of seven characters or fewer and using the crypt password backend (bsc#1204986). Other: - Make sure SIGCHLD is not ignored when sudo is executed;...
SUSE SLES12 Security Update : sudo (SUSE-SU-2022:4240-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4240-1 advisory. - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can...
SUSE-SU-2022:4240-1 Security update for sudo
This update for sudo fixes the following issues: Security fixes: - CVE-2022-43995: Fixed a potential heap-based buffer over-read when entering a password of seven characters or fewer and using the crypt password backend (bsc#1204986). Other: - Make sure SIGCHLD is not ignored when sudo is executed;...
SUSE: Security Advisory (SUSE-SU-2022:4240-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2022-43995 affecting package sudo 1.9.5p2-2
CVE-2022-43995 affecting package sudo 1.9.5p2-2. An upgraded version of the package is available that resolves this issue...
sudo: Heap-Based Buffer Overread
Background: sudo allows a system administrator to give users the ability to run commands as other users. Description: In certain password input handling, sudo incorrectly assumes the password input is at least nine bytes in size, leading to a heap buffer overread. Impact: In the worst case, the heap...
GLSA-202211-08 : sudo: Heap-Based Buffer Overread
The remote host is affected by the vulnerability described in GLSA-202211-08 sudo: Heap-Based Buffer Overread - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can...
ROS-20221121-01
A vulnerability in the plugins/sudoers/auth/passwd.c file of the Sudo system administration program is related to the ability to read outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...