Debian Security Advisory DSA 101-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 101-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 031-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 031-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 596-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 596-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Debian Security Advisory DSA 946-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 946-1. It has been discovered that sudo, a privileged program, that provides limited super user privileges to specific users, passes several environment variables to the program that runs with elevated privileges. In the case...

Debian: Security Advisory (DSA-735-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-870-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-946-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 128-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 128-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-596-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Race condition

Multiple race conditions in the 1 Sudo monitor mode and 2 Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing...

CVE-2007-4305

Multiple race conditions in the 1 Sudo monitor mode and 2 Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing...

CVE-2007-4305

Multiple race conditions in the 1 Sudo monitor mode and 2 Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing...

CVE-2007-4305

CVE-2007-4305 involves multiple race conditions in the Sudo monitor mode and in Sysjail policies of Systrace on NetBSD and OpenBSD. The underlying issue allows local users to defeat system call interposition, thereby bypassing access control policy and auditing. Affected components: NetBSD/OpenBS...

CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

Design/Logic Flaw

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

CVE-2007-3149

CVE-2007-3149 concerns the sudo utility when linked with MIT Kerberos 5 (krb5). The vulnerability arises because sudo does not properly verify whether a user is currently authenticated to Kerberos, allowing local users to gain privileges via certain KRB5_ environment variable settings. The issue ...

CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

sudo with Kerberos authentication privilege escalation

sudo fails to check granted tickets match to requested service, making it possible to use faked Kerberos server...