Scientific Linux Security Update : sudo on SL5.x i386/x86_64

CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution CVE-2010-0427 sudo: Fails to reset group permissions if runasdefault set A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers fi...

Scientific Linux Security Update : sudo on SL5.x i386/x86_64

In configurations where the ignoredot option was set to off the default is on for the Scientific Linux 5 sudo package, a local user authorized to use the sudoedit pseudo-command could possibly run arbitrary commands with the privileges of the users sudoedit was authorized to run as. CVE-2010-1163...

Scientific Linux Security Update : sudo on SL6.x i386/x86_64

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo...

Scientific Linux Security Update : sudo on SL5.x, SL6.x i386/x86_64 (20120716)

The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run...

CentOS Update for sudo CESA-2012:1081 centos5

Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2012:1081 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for sudo CESA-2012:1081 centos6

Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2012:1081 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for sudo CESA-2012:1081 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for sudo CESA-2012:1081 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Medium: sudo

Issue Overview: A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run thos...

Symantec Web Gateway 5.0.3.18 LFI / Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...

Symantec Web Gateway 5.0.3.18 - LocalRemote File Inclusion Remote Command Execution

Symantec Web Gateway 5.0.3.18 - LocalRemote File Inclusion Remote Command Execution !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obta...

Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a...

Symantec Web Gateway 5.0.3.18 - Local/Remote File Inclusion / Remote Command Execution

!/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI vulnerability. Timeline: 06 Jun 2012:...

RedHat Update for sudo RHSA-2012:1081-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2012:1081-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

RedHat Update for sudo RHSA-2012:1081-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 5 / 6 : sudo (RHSA-2012:1081)

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CentOS 5 / 6 : sudo (CESA-2012:1081)

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

sudo security update

CentOS Errata and Security Advisory CESA-2012:1081 An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS...

Moderate: Red Hat Security Advisory: sudo security update

An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address...