Fedora 16 : sudo-1.8.3p1-3.fc16 (2012-8021)

fixed CVE-2012-2337 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

[SECURITY] Fedora 16 Update: sudo-1.8.3p1-3.fc16

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

GLSA-201207-01 : sudo: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201207-01 sudo: Privilege escalation An error in sudo may allow unintended IPv4 hosts to be granted access to commands. Impact : A local attacker could gain escalated privileges. Workaround : There is no known workaround at this...

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Access to commands may also be granted on a range to hosts. Description An error in sudo may allow unintended IPv4 hosts to be granted access to commands. Impact A local attacker could gain...

RedHat Update for sudo RHSA-2011:0599-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2011:0599-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

RedHat Update for sudo RHSA-2011:0599-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Debian Security Advisory DSA 2478-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 2478-1. OpenVAS Vulnerability Test $Id: deb24781.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2478-1 sudo Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID b3435b68-9ee8-11e1-997c-002354ed89bc OpenVAS Vulnerability Test $ Description: Auto generated from VID b3435b68-9ee8-11e1-997c-002354ed89bc Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2478-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fedora 17 : sudo-1.8.3p1-7.fc17 (2012-7998)

fixed CVE-2012-2337 - temporarily disabled SSSD support Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

[SECURITY] Fedora 17 Update: sudo-1.8.3p1-7.fc17

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

SuSE 10 Security Update : sudo, sudo-debuginfo (ZYPP Patch Number 8134)

This update fixes a security problem in sudo : Multiple netmask values used in Host / HostList configuration caused any host to be allowed access. CVE-2012-2337 Also a bug in wildcard matching could allow too relaxed matches within subdirectories of the specified path so /usr/bin/ would also matc...

Debian DSA-2478-1 : sudo - parsing error

It was discovered that sudo misparsed network masks used in Host and HostList stanzas. This allowed the execution of commands on hosts, where the user would not be allowed to run the specified command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

[SECURITY] [DSA 2478-1] sudo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2478-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 23, 2012 http://www.debian.org/security/faq -...

DSA-2478-1 sudo - parsing error

Bulletin has no description...

SOL13605 - FirePass sudo vulnerability - CVE-2012-2053

Recommended action F5 recommends that you upgrade to the latest FirePass hotfix to ensure that you have the latest security updates. Supplemental Information CERT advisory regarding CVE-2012-2053 SOL167: Downloading software and firmware from F5 SOL10322: FirePass hotfix matrix SOL3430: Installin...

Mandriva Linux Security Advisory : sudo (MDVSA-2012:079)

A vulnerability has been found and corrected in sudo : A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask liste...

CVE-2012-2337

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address...

DEBIAN-CVE-2012-2337

sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address...