4723 matches found
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
[SECURITY] Fedora 29 Update: sudo-1.8.28-1.fc29
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
Security fix for the ALT Linux 8 package sudo version 1:1.8.28-alt1
1:1.8.28-alt1 built Oct. 31, 2019 Ivan Zakharyaschev in task 240030 Oct. 15, 2019 Evgeny Sinelnikov - Update to autumn security release closes: 37334 - Code execution with euid==0 in rare box configurations fixes: CVE-2019-14287 - Fix post script for sudowheel control in case of upgrade in not...
Fedora 29 : sudo (2019-72755db9c7)
Rebase to 1.8.28 - Fixed CVE-2019-14287 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
Fedora Update for sudo FEDORA-2019-72755db9c7
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
RHEL 7 : sudo (RHSA-2019:3219)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3219 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact ...
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
RHEL 7 : sudo (RHSA-2019:3209)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3209 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact ...
RHEL 7 : sudo (RHSA-2019:3205)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3205 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
RHEL 7 : sudo (RHSA-2019:3204)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3204 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
FreeBSD : sudo -- Potential bypass of Runas user restrictions (3a1474ba-f646-11e9-b0af-b888e347c638)
Todd C. Miller reports : When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295. This can be used by a user with sufficient sudo privileges to run...
RHEL 7 : sudo (RHSA-2019:3197)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3197 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword
A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...