RedHat Update for sudo RHSA-2012:1149-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2012:1149-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120808)

An insecure temporary file use flaw was found in the sudo package's post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack, or modify the contents of the '/etc/nsswitch.conf' file during the upgrade or removal of the sudo...

CentOS Update for sudo CESA-2012:1149 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for sudo RHSA-2012:1149-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-3440

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

CVE-2012-3440

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

CVE-2012-3440

The CVE-2012-3440 entry concerns a race-condition in the sudo package (notably sudo 1.7.2 on Red Hat Enterprise Linux 5) that allows a local attacker to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file. Connected advisories/plugins (MiracleLinux AXSA...

CVE-2012-3440

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

CVE-2012-3440

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

RHEL 5 : sudo (RHSA-2012:1149)

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

CentOS 5 : sudo (CESA-2012:1149)

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

sudo security update

CentOS Errata and Security Advisory CESA-2012:1149 An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring...

sudo: insecure temporary file use in RPM %postun script

A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux RHEL 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file...

Moderate: Red Hat Security Advisory: sudo security and bug fix update

An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

sudo security and bug fix update

1.7.2p1-14.2 - added a workaround for a race condition in handling child processes Resolves: rhbz844978 1.7.2p1-14.1 - dont remove the sudoers: line from nsswitch.conf on update - use safe temporary file for nsswitch.conf - call restorecon after modifying nsswitch.conf - fixed command escaping -...

Mandriva Update for sudo MDVSA-2012:079 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2012:079 sudo Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

A flaw was discovered in a way sudo handled group specifications in 'run as' lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

A flaw was found in the way sudo handled the presence of duplicated environment variables. A local user authorized to run commands using sudo could use this flaw to set additional values for the environment variables set by sudo, which could result in those values being used by the executed comma...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120221)

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

A flaw was found in the way sudo handled Runas specifications containing both a user and a group list. If a local user were authorized by the sudoers file to perform their sudo commands with the privileges of a specified user and group, they could use this flaw to run those commands with the...