CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2020/03/06 12:0 a.m.•45 views

Fedora 31 : sudo (2020-8b563bc5f4)

update to latest development version 1.9.0b1 - added sudologsrvd and sudosendlog to files and their appropriate man pages Resolves: rhbz1787823 - Stack based buffer overflow in when pwfeedback is enabled Resolves: rhbz1796945 - fixes: CVE-2019-18634 - By using ! character in the shadow file...

7.8CVSS6.9AI score0.19426EPSS

OpenVAS•added 2020/03/06 12:0 a.m.•30 views

Fedora: Security Advisory for sudo (FEDORA-2020-8b563bc5f4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2AI score

Exploits0References2

RedHat Linux•added 2020/03/05 1:29 p.m.•217 views

Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.8CVSS7.4AI score0.19426EPSS

Oracle linux•added 2020/03/05 12:0 a.m.•63 views

sudo security update

1.8.6p3-29.0.1.el610.3 - Fixes OraBug: 28747380 sudo does not honor envkeep-='KRB5CCNAME' after 'sudo -k' [email protected] 1.8.6p3-29.3 - RHEL-6.10.z ERRATUM - fixed CVE-2019-18634 Resolves: rhbz1799018 1.8.6p3-29.2 - RHEL-6.10.z ERRATUM - fixed CVE-2019-14287 Resolves: rhbz1760684...

9CVSS0.6AI score0.63917EPSS

Exploits21

BDU FSTEC•added 2020/03/04 12:0 a.m.•2 views

The vulnerability of the `stdin getln` function in the system administration software Sudo, which allows a hacker to escalate their privileges.

The vulnerability of the stdin getln function in the system administration program Sudo is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.6AI score0.19426EPSS

Exploits13References15Affected Software8

OpenVAS•added 2020/02/26 12:0 a.m.•28 views

openSUSE: Security Advisory for sudo (openSUSE-SU-2020:0244-1)

Tenable Nessus•added 2020/02/26 12:0 a.m.•31 views

openSUSE Security Update : sudo (openSUSE-2020-244)

This update for sudo fixes the following issues : Security issue fixed : - CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers bsc1162202. Non-security issue fixed : - Fixed an issue where sudo -l would ask for a password...

7.8CVSS7.6AI score0.19426EPSS

Exploits13References3

OSV•added 2020/02/25 9:29 a.m.•4 views

OPENSUSE-SU-2020:0244-1 Security update for sudo

This update for sudo fixes the following issues: Security issue fixed: - CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers bsc1162202. Non-security issue fixed: - Fixed an issue where sudo -l would ask for a password even...

Tenable Nessus•added 2020/02/25 12:0 a.m.•34 views

EulerOS 2.0 SP8 : sudo (EulerOS-SA-2020-1181)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process...

7.8CVSS7AI score0.19426EPSS

OPENSUSE Linux•added 2020/02/25 12:0 a.m.•73 views

Security update for sudo (important)

openSUSE Security Update: Security update for sudo Announcement ID: openSUSE-SU-2020:0244-1 Rating: important References: 1162202 1162675 Cross-References: CVE-2019-18634 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Description...

7.8CVSS7.3AI score0.19426EPSS

OpenVAS•added 2020/02/25 12:0 a.m.•56 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1181)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenVAS•added 2020/02/24 12:0 a.m.•30 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1135)

Tenable Nessus•added 2020/02/24 12:0 a.m.•34 views

EulerOS 2.0 SP5 : sudo (EulerOS-SA-2020-1135)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a...

7.8CVSS7AI score0.19426EPSS

Kitploit•added 2020/02/21 12:0 p.m.•1723 views

SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules' Misconfigurations And Vulnerabilities Within Sudo

Linux Privilege Escalation through SUDO abuse. If you like the tool and for my personal motivation so as to develop other tools please a +1 star The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls :. INTRO WARNING: SUDOKILLER is part of the KILLER...

8.8CVSS9.2AI score0.63917EPSS

Exploits21References1

Tenable Nessus•added 2020/02/20 12:0 a.m.•64 views

SUSE SLES12 Security Update : sudo (SUSE-SU-2020:0407-1)

This update for sudo fixes the following issue : Security issue fixed : CVE-2019-18634: Fixed a buffer overflow in the passphrase prompt that could occur when pwfeedback was enabled in /etc/sudoers bsc1162202. Note that Tenable Network Security has extracted the preceding description block direct...

7.8CVSS7.7AI score0.19426EPSS