4723 matches found
[SECURITY] Fedora 32 Update: sudo-1.9.5p1-1.fc32
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
Fedora 32 : sudo (2021-234d14bfcc)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-234d14bfcc advisory. - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a...
Fedora: Security Advisory for sudo (FEDORA-2021-234d14bfcc)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: sudo-1.9.5p1-1.fc33
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
[ASA-202101-25] sudo: multiple issues
Arch Linux Security Advisory ASA-202101-25 ========================================== Severity: Critical Date : 2021-01-20 CVE-ID : CVE-2021-3156 CVE-2021-23239 Package : sudo Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1431 Summary ======= The package sudo before...
Fedora 33 : sudo (2021-324479472c)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-324479472c advisory. - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a...
Fedora: Security Advisory for sudo (FEDORA-2021-324479472c)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated sudo packages fix security vulnerabilities
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. CVE-2021-23239. selinuxeditcopytfiles in sudoedit in...
MGASA-2021-0042 Updated sudo packages fix security vulnerabilities
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. CVE-2021-23239. selinuxeditcopytfiles in sudoedit in...
Escalation Of Privilege
sudo is vulnerable to escalation of privilege. An attacker is able to exploit the vulnerability by replacing a temporary file with a symlink to an arbitary file target in selinuxeditcopytfiles in sudoedit...
Information Disclosure
sudo is vulnerable to information disclosure. The sudoedit personality allows a local unprivileged user to determine the existence of an arbitrary directory by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
ALPINE-CVE-2021-23239
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
CVE-2021-23239
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
CVE-2021-23240
selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...
CVE-2021-23239
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
CVE-2021-23240
selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...
CVE-2021-23239
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
Race condition
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...
Code injection
selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...
CVE-2021-23240
CVE-2021-23240 affects sudoedit in sudo prior to 1.9.5. An unprivileged local user can replace a temporary file with a symlink to an arbitrary target, enabling a file-ownership escalation attack. Impact is described for SELinux RBAC environments in permissive mode; machines without SELinux are no...