CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

Default credentials

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

DEBIAN-CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...

openSUSE 10 Security Update : sudo (sudo-5349)

This update of sudo flushs the stdin buffer on password timeout. Unflushed buffers can lead to leaking the password via a parent process reading stdin after sudo exits. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVE-2008-2516

pamsmauthenticate in pampgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pamgetpass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated by a CTRL-C sequence at ...

CVE-2008-2516

pamsmauthenticate in pampgsql.c in libpam-pgsql 0.6.3 does not properly consider operator precedence when evaluating the success of a pamgetpass function call, which allows local users to gain privileges via a SIGINT signal when this function is executing, as demonstrated by a CTRL-C sequence at ...

CVE-2008-2516

Removed by vendor...

Fedora 8 : audit-1.6.8-4.fc8 (2008-3012)

This release fixes the init script headers to not provide LSB info. This was causing audit to start too late. It also fixes a problem where saddr fields were not being decoded correctly on avc events in ausearch. This also fixes a buffer overflow in auditlogusercommand that is caught by...

Debian Security Advisory DSA 101-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 101-1. OpenVAS Vulnerability Test $Id: deb1011.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 101-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 128-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 128-1. OpenVAS Vulnerability Test $Id: deb1281.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 128-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 870-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 870-1. Tavis Ormandy noticed that sudo, a program that provides limited super user privileges to specific users, does not clean the environment sufficiently. The SHELLOPTS and PS4 variables are dangerous and are still passed...

Debian Security Advisory DSA 735-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 735-1. OpenVAS Vulnerability Test $Id: deb7351.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 735-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 596-2 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 596-2. OpenVAS Vulnerability Test $Id: deb5962.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 596-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 031-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 031-1. OpenVAS Vulnerability Test $Id: deb0311.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 031-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 946-2 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 946-2. The former correction to vulnerabilities in the sudo package worked fine but were too strict for some environments. Therefore we have reviewed the changes again and allowed some environment variables to go back into th...

Debian Security Advisory DSA 596-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 596-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...