4723 matches found
sudo -- format string vulnerability
Todd Miller reports: Sudo 1.8.0 introduced simple debugging support that was primarily intended for use when developing policy or I/O logging plugins. The sudodebug function contains a flaw where the program name is used as part of the format string passed to the fprintf function. The program nam...
Debian DSA-2365-1 : dtc - several vulnerabilities
Ansgar Burchardt, Mike O'Connor and Philipp Kern discovered multiple vulnerabilities in DTC, a web control panel for admin and accounting hosting services : - CVE-2011-3195 A possible shell insertion has been found in the mailing list handling. - CVE-2011-3196 Unix rights for the apache2.conf wer...
ipa security and bug fix update
2.1.3-9.el6 - Add current password prompt when changing own password in web UI 751179 - Remove extraneous trailing ' from netgroup patch 749352 2.1.3-8.el6 - Updated patch for CVE-2011-3636 to include CR in the HTTP headers. xmlrpc-c in RHEL-6 doesn't suppose the dontadvertise option so that is n...
Restorepoint 3.2-Evaluation Remote Root Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...
Multiple Linux / Unix Post Sudo Upgrade Shell
This module attempts to upgrade a shell account to UID 0 by reusing the given password and passing it to sudo. This technique relies on sudo versions from 2008 and later which support -A. This module requires Metasploit: https://metasploit.com/download Current source:...
eEye Retina audit script could execute untrusted programs as root
Overview eEye Retina audit scripts have the capability to run remote shell scripts in order to determine vulnerable applications. One audit script in particular audit ID 2499 uses find1 and execute -exec when assessing a vulnerability within Gauntlet Firewall. An attacker who can write an...
CentOS Update for sudo CESA-2010:0122 centos5 i386
Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2010:0122 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for sudo CESA-2010:0475 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for sudo CESA-2010:0675 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for sudo CESA-2010:0122 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for sudo CESA-2010:0361 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS Update for sudo CESA-2010:0361 centos5 i386
Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2010:0361 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for sudo CESA-2010:0675 centos5 i386
Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2010:0675 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
CentOS Update for sudo CESA-2010:0475 centos5 i386
Check for the Version of sudo OpenVAS Vulnerability Test CentOS Update for sudo CESA-2010:0475 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora 14 : oprofile-0.9.6-21.fc14 (2011-8087)
When opcontrol was run by a normal user with sudo access it was possible for the user to craft options to opcontrol that would allow commands to be run with root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora 15 : oprofile-0.9.6-21.fc15 (2011-8076)
When opcontrol was run by a normal user with sudo access it was possible for the user to craft options to opcontrol that would allow commands to be run with root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora Update for sudo FEDORA-2011-7867
Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2011-7867 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for sudo FEDORA-2011-7867
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Web Sudo should be able to be subverted for non browsers (eg scripts) via a HTTP header
We do this for XSRF protection. Basically you should be able to subvert the web sudo mechanism via a HTTP header. This posts shows the use case https://answers.atlassian.com/questions/1273/jira-jelly-runner-via-cron-in-v4-3-4 I believe it just as secure since web sudo is really design to stop som...
Web Sudo should be able to be subverted for non browsers (eg scripts) via a HTTP header
We do this for XSRF protection. Basically you should be able to subvert the web sudo mechanism via a HTTP header. This posts shows the use case https://answers.atlassian.com/questions/1273/jira-jelly-runner-via-cron-in-v4-3-4 I believe it just as secure since web sudo is really design to stop som...