[SECURITY] Fedora 12 Update: sudo-1.7.2p5-1.fc12

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

Debian DSA-2006-1 : sudo - several vulnerabilities

Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0426 It was discovered that sudo when a pseudo-command is enabled,...

GLSA-201003-01 : sudo: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201003-01 sudo: Privilege escalation Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the 'sudoedit' pseudo-command CVE-2010-0426...

Todd Miller sudoedit Root Exploit

!/bin/sh Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 local root exploit March 2010 automated by kingcope Full Credits to Slouching echo Tod Miller Sudo local root exploit echo by Slouching echo automated by kingcope if $ != 1 then echo "usage: ./sudoxpl.sh " exit fi cd /tmp cat...

Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 Exploit

Exploit for unknown platform in category local exploits ====================================================================== Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 exploit ====================================================================== !/bin/sh Tod Miller Sudo 1.6...

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo: Glenn Waller and neonsignal reported that sudo does not properly handle access control of the "sudoedit" pseudo-command...

[SECURITY] [DSA 2006-1] New sudo packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2006-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 02, 2010 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2006-1] New sudo packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2006-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 02, 2010 http://www.debian.org/security/faq -...

Todd Miller Sudo 'runas_default'本地特权提升漏洞

Bugraq ID: 38432 CVE ID：CVE-2010-0427 Sudo是一款允许用户以其他用户权限安全地执行命令的程序，广泛使用在Linux和Unix操作系统下。 当使用"runasdefault"选项时，sudo不正确重设组权限。如果本地非特权用户由sudoers文件授权在默认用户帐户下执行sudo命令，可导致特权提升。 Todd Miller Sudo 1.6.9 p19 Todd Miller Sudo 1.6.9 p18 Todd Miller Sudo 1.6.9 p17 Todd Miller Sudo 1.6.9 p21已经修复此漏洞，建议用户下载使用：...

Todd Miller Sudo local root exploit discovered by Slouching

Just for the record. ---snip--- !/bin/sh Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 local root exploit March 2010 automated by kingcope Full Credits to Slouching echo Tod Miller Sudo local root exploit echo by Slouching echo automated by kingcope if $ != 1 then echo "usage:...

Mandriva Linux Security Advisory : sudo (MDVSA-2010:052)

A vulnerability has been found and corrected in sudo : sudo 1.6.x before 1.6.9p21, when the runasdefault option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command CVE-2010-0427. The updated packages have been patched to correct this...

DSA-2006-1 sudo - several vulnerabilities

Bulletin has no description...

Ubuntu: Security Advisory (USN-905-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandriva Update for sudo MDVSA-2010:049 (sudo)

Check for the Version of sudo OpenVAS Vulnerability Test Mandriva Update for sudo MDVSA-2010:049 sudo Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Ubuntu Update for sudo vulnerabilities USN-905-1

Ubuntu Update for Linux kernel vulnerabilities USN-905-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9051.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for sudo vulnerabilities USN-905-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

RedHat Update for sudo RHSA-2010:0122-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2010:0122-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CentOS 5 : sudo (CESA-2010:0122)

An updated sudo package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the abilit...

RedHat Update for sudo RHSA-2010:0122-01

Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2010:0122-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

FreeBSD : sudo -- Privilege escalation with sudoedit (018a84d0-2548-11df-b4a3-00e0815b8da8)

Todd Miller reports : When sudo performs its command matching, there is a special case for pseudo-commands in the sudoers file currently, the only pseudo-command is sudoedit. Unlike a regular command, pseudo-commands do not begin with a slash '/'. The flaw is that sudo's the matching code would...

RHEL 5 : sudo (RHSA-2010:0122)

An updated sudo package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the abilit...