Updated sudo packages fix security vulnerability
A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is no...
sudo security update
CentOS Errata and Security Advisory CESA-2021:0221. An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Important Photon OS Security Update - PHSA-2021-0188
Updates of 'sudo' packages of Photon OS have been released...
Sudo Buffer Overflow Vulnerability
Sudo is a program used on Unix-like systems that allows the user to execute commands in a secure way with special privileges. Sudo suffers from a buffer overflow vulnerability. An attacker can exploit this vulnerability to gain root privileges on the system...
Sudo version 1.8.2 to 1.8.31p2 Heap-Based Buffer Overflow Vulnerability
Qualys has released extensive research details regarding a heap-based buffer overflow vulnerability in sudo. The issue was introduced in July 2011 commit 8255ed69, and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1, in their default configuration...
sudo security update
1.8.23-10.1 - RHEL 7.9.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917729...
Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1
Jan. 27, 2021 Evgeny Sinelnikov 1:1.9.5p2-alt1 - Update to latest security release fixes: CVE-2021-3156 closes: 39615 - Added sudo-python package with Sudo Python Plugin API - Added sudo-logsrvd package with High-performance log server...
Fedora 32 : sudo (2021-8840cbdccd)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-8840cbdccd advisory. - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via...
Oracle Linux 8 : sudo (ELSA-2021-0218)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-0218 advisory. 1.8.29-6.1 - RHEL 8.3.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917732 Tenable has extracted the preceding description block directly from the Oracle Linux...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Sudo vulnerabilities (USN-4705-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4705-1 advisory. It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue...
RHEL 8 : sudo (RHSA-2021:0220)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0220 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
RHEL 7 : sudo (RHSA-2021:0224)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0224 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Oracle Linux 7 : sudo (ELSA-2021-0221)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0221 advisory. 1.8.23-10.1 - RHEL 7.9.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917729 Tenable has extracted the preceding description block directly from the Oracle Linux...
Debian DSA-4839-1 : sudo - security update
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
FreeBSD : sudo -- Multiple vulnerabilities (f3cf4b33-6013-11eb-9a0e-206a8a720317)
Todd C. Miller reports : When invoked as sudoedit, the same set of command line options are now accepted as for sudo -e. The -H and -P options are now rejected for sudoedit and sudo -e which matches the sudo 1.7 behavior. This is part of the fix for CVE-2021-3156. Fixed a potential buffer overflo...
RHEL 8 : sudo (RHSA-2021:0218)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0218 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
CentOS: Security Advisory for sudo (CESA-2021:0221)
The remote host is missing an update for the...
Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Version Check
Sudo is prone to a heap-based buffer overflow vulnerability dubbed...
Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Active Check
Sudo is prone to a heap-based buffer overflow vulnerability dubbed...
Important Photon OS Security Update - PHSA-2021-3.0-0188
Updates of 'sudo' packages of Photon OS have been released...