[SECURITY] Fedora 14 Update: sudo-1.7.4p5-1.fc14

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

DEBIAN-CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

Authentication flaw

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

CVE-2011-0010

The CVE-2011-0010 issue affects sudo 1.7.x (prior to 1.7.4p5). Check.c with a configured Runas group does not require a password for commands that involve a gid change but no uid change, enabling local users to bypass authentication via the -g option. Public advisories (e.g., MiracleLinux/OpenRHE...

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

CVE-2011-0010

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command...

FreeBSD : sudo -- local privilege escalation (908f4cf2-1e8b-11e0-a587-001b77d09812)

Todd Miller reports : Beginning with sudo version 1.7.0 it has been possible to grant permission to run a command using a specified group via sudo's -g option run as group, if allowed by the sudoers file. A flaw exists in sudo's password checking logic that allows a user to run a command with onl...

sudo -- local privilege escalation

Todd Miller reports: Beginning with sudo version 1.7.0 it has been possible to grant permission to run a command using a specified group via sudo's -g option run as group, if allowed by the sudoers file. A flaw exists in sudo's password checking logic that allows a user to run a command with only...

VMSA-2011-0001 : VMware ESX third-party updates for Service Console packages glibc, sudo, and openldap

a. Service Console update for glibc The service console packages glibc, glibc-common, and nscd are each updated to version 2.5-34.4908.vmw. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues addressed in this update...

VMware ESX third party updates for Service Console packages glibc, sudo, and openldap

a. Service Console update for glibcThe service console packages glibc, glibc-common, and nscd are each updated to version 2.5-34.4908.vmw. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues addressed in this update...

VMSA-2011-0001:VMware ESX third party updates for Service Console packages glibc, sudo, and openldap

VMSA-2011-0001.3 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0001.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console packages glibc, sudo, and...

Fedora Update for sudo FEDORA-2010-14184

Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2010-14184 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for sudo FEDORA-2010-14184

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CORE-2010-1018 - Landesk OS command injection

Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Landesk OS command injection 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date...

Mandriva Update for sudo MDVA-2010:218 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVA-2010:218 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Landesk - OS command Injection

Landesk - OS command Injection 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date published: 2010-11-10 Date of last update: 2010-11-10 Vendors contacted: LANDesk...

MDVA-2010:218 : sudo

This is a maintenance and bugfix release of sudo which upgrades sudo to the latest 1.7.4p4 version. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...