pam: pam_namespace executes namespace.init with service's environment

pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pamnamespace PAM...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 67b514c3-ba8f-11df-8f6e-000c29a67389 OpenVAS Vulnerability Test $ Description: Auto generated from VID 67b514c3-ba8f-11df-8f6e-000c29a67389 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fedora 12 : sudo-1.7.4p4-2.fc12 (2010-14996)

reset $HOME when the -i' option is used - update to new upstream version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - corrected license field value: BSD - ISC - added envkeep += HOME see rhbz614025 for backwards compatibility - added...

Confluence features that require password confirmation (websudo, captcha) do not work with custom authentication

When user is required to confirm the password, Confluence always checks the entered password against the internally stored user/password. If an instance is configured to use custom authentication which is different from atlassian-user, the password validation will fail. h3. Resolution This is fix...

Confluence features that require password confirmation (websudo, captcha) do not work with custom authentication

When user is required to confirm the password, Confluence always checks the entered password against the internally stored user/password. If an instance is configured to use custom authentication which is different from atlassian-user, the password validation will fail. h3. Resolution This is fix...

VMSA-2010-0015 : VMware ESX third-party updates for Service Console

a. Service Console update for NSSdb The service console package NSSdb is updated to version nssdb-2.2-35.4.el55. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2010-0826 to this issue. b. Service Console update for OpenLDAP The service console package...

Fedora Update for sudo FEDORA-2010-14996

Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2010-14996 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for sudo FEDORA-2010-14996

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 12 Update: sudo-1.7.4p4-2.fc12

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

Fedora 14 : sudo-1.7.4p4-1.fc14 (2010-14184)

update to new upstream version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - corrected license field value: BSD - ISC - fixes CVE-2010-2956 Note that Tenable Network Security has extracted the preceding description block directly from...

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo redo (SSA:2010-258-03)

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a directory permissions issue. These replacement packages restore the correct permissions to /var. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] Fedora 14 Update: sudo-1.7.4p4-1.fc14

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

[slackware-security] sudo redo

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a directory permissions issue. These replacement packages restore the correct permissions to /var. Here are the details from the Slackware 13.1 ChangeLog:...

[slackware-security] sudo

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/sudo-1.7.4p4-i486-1slack13.1.txz: Upgraded. This fixes a flaw that coul...

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2010-257-02)

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Securi...

Fedora Update for sudo FEDORA-2010-14355

Check for the Version of sudo OpenVAS Vulnerability Test Fedora Update for sudo FEDORA-2010-14355 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Mandriva Update for sudo MDVSA-2010:175 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:175 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for sudo FEDORA-2010-14355

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Linux Security Advisory : sudo (MDVSA-2010:175)

A vulnerability has been found and corrected in sudo : Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a -u root sequence...