
4723 matches found

OSV
added 2016/01/11 12:0 a.m. | 10 views

DSA-3440-1 sudo - security update

Bulletin has no description...

7.2 CVSS | 6.3 AI score | 0.01458 EPSS
Exploits 5

OSV
added 2016/01/11 12:0 a.m. | 13 views

DLA-382-1 sudo - security update

Bulletin has no description...

7.2 CVSS | 7.3 AI score | 0.01458 EPSS
Exploits 5

OpenVAS
added 2016/01/10 12:0 a.m. | 22 views

Debian: Security Advisory (DSA-3440-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2 CVSS | 6.5 AI score | 0.01458 EPSS
Exploits 5 | References 3

Tenable Nessus
added 2015/12/22 12:0 a.m. | 32 views

Scientific Linux Security Update : sssd on SL7.x x86_64 (20151119)

It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...

6.8 CVSS | 7.1 AI score | 0.03666 EPSS
Exploits 0 | References 2

CentOS
added 2015/11/30 7:52 p.m. | 67 views

libipa_hbac, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update

CentOS Errata and Security Advisory CESA-2015:2355 Updated sssd packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability...

6.8 CVSS | 7 AI score | 0.03666 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2015/11/20 12:0 a.m. | 34 views

openSUSE Security Update : sudo (openSUSE-2015-687)

sudo was updated to fix one security issue. This security issue was fixed: CVE-2014-9680: Unsafe handling of TZ environment variable (bsc917806). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

3.3 CVSS | 5.4 AI score | 0.0047 EPSS
Exploits 1 | References 2

RedHat Linux
added 2015/11/19 6:21 a.m. | 1 views

Moderate: Red Hat Bug Fix Advisory: sudo bug fix and enhancement update

Updated sudo packages that fix several bugs and add one enhancement are now available for Red Hat Enterprise Linux 7. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for syste...

3.3 CVSS | 6.2 AI score | 0.0047 EPSS
Exploits 1 | References 5

RedHat Linux
added 2015/11/19 6:21 a.m. | 2 views

sudo: unsafe handling of TZ environment variable

It was discovered that sudo did not perform any checks of the TZ environment variable value. If sudo was configured to preserve the TZ environment variable, a local user with privileges to execute commands via sudo could possibly use this flaw to achieve system state changes not permitted by the...

3.3 CVSS | 6.2 AI score | 0.0047 EPSS
Exploits 1 | References 5

NVD
added 2015/11/17 3:59 p.m. | 13 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.2 CVSS | 7.4 AI score | 0.01458 EPSS
Exploits 5 | References 9

OSV
added 2015/11/17 3:59 p.m. | 4 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

6.2 AI score
Exploits 0 | References 11

UbuntuCve
added 2015/11/17 3:59 p.m. | 41 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.2 CVSS | 7 AI score | 0.01458 EPSS
Exploits 5 | References 2

Prion
added 2015/11/17 3:59 p.m. | 14 views

Design/Logic Flaw

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.2 CVSS | 6.8 AI score | 0.01458 EPSS
Exploits 5 | References 9 | Affected Software 1

Cvelist
added 2015/11/17 3:0 p.m. | 22 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.5 AI score | 0.01458 EPSS
Exploits 5 | References 9

CVE
added 2015/11/17 3:0 p.m. | 112 views

CVE-2015-5602

CVE-2015-5602 affects the sudo tool: sudoedit in sudo before 1.8.15 allows local privilege escalation via a symlink attack when file paths in /etc/sudoers involve wildcards (e.g., /home/*/*/file.txt). The root cause is improper path checking for wildcard-expanded edits, enabling a local user to in...

7.2 CVSS | 7.3 AI score | 0.01458 EPSS
Exploits 5 | References 9 | Affected Software 1

Debian CVE
added 2015/11/17 3:0 p.m. | 17 views

CVE-2015-5602

sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.2 CVSS | 7.3 AI score | 0.01458 EPSS
Exploits 5

FreeBSD
added 2015/11/17 12:0 a.m. | 89 views

sudo -- potential privilege escalation via symlink misconfiguration

MITRE reports: sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...

7.2 CVSS | 7.3 AI score | 0.01458 EPSS
Exploits 5 | References 3

Packet Storm
added 2015/11/13 12:0 a.m. | 18 views

Tails 1.6 Information Disclosure

Tails On Tails /dev/null | grep ^amnesia amnesia:$6$r0jt1v9E$UOrWbJ70qAH/sjaKfjmCMvkXZ19bqC2ieQ2UvYk0HKwVvgxuZFtyIwjoLfgH AwrZVM3a0NTEkcsQY1hn/Uq2S0:16710:0:99999:7:::...

7.4 AI score
Exploits 0

Tenable Nessus
added 2015/11/11 12:0 a.m. | 31 views

Oracle Linux 6 : sssd (ELSA-2015-2019)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2019 advisory. 1.12.4-47.4 - Resolves: rhbz1268783 - Memory leak / possible DoS with krb auth. 1.12.4-47.3 - Resolves: rhbz1268784 - SSSD POSIX attribute check is too strict...

6.8 CVSS | 7.3 AI score | 0.03666 EPSS
Exploits 0 | References 2

OpenVAS
added 2015/11/11 12:0 a.m. | 20 views

RedHat Update for sssd RHSA-2015:2019-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.8 CVSS | 6.5 AI score | 0.03666 EPSS
Exploits 0 | References 2

OpenVAS
added 2015/11/11 12:0 a.m. | 15 views

Mageia: Security Advisory (MGASA-2015-0443)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2 CVSS | 7.7 AI score | 0.01458 EPSS
Exploits 5 | References 5