4723 matches found
DSA-946-2 sudo - missing input sanitising
Bulletin has no description...
initscripts security update
CentOS Errata and Security Advisory CESA-2006:0015 Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The initscripts package contains the basic...
security flaw
initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...
USN-262-1: Ubuntu 5.10 installer password disclosure
Karl Øie discovered that the Ubuntu 5.10 installer failed to clean passwords in the installer log files. Since these files were world-readable, any local user could see the password of the first user account, which has full sudo privileges by default. The updated packages remove the passwords and...
Ubuntu 5.10 : Ubuntu 5.10 installer vulnerability (USN-262-1)
Karl Oie discovered that the Ubuntu 5.10 installer failed to clean passwords in the installer log files. Since these files were world-readable, any local user could see the password of the first user account, which has full sudo privileges by default. The updated packages remove the passwords and...
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, an...
CVE-2005-3629
CVE-2005-3629 affects initscripts in Red Hat Enterprise Linux 4. A bug in how environment variables are handled when /sbin/service is executed allows a local user with sudo access to /sbin/service to run commands with root privileges. Public advisories (RHSA-2006:0015, RHSA-2006:0016) and CentOS/...
security flaw
initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors...
[slackware-security] sudo
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0151 Here are the details from the Slackware...
Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2006-045-08)
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2006-045-08. The text...
CVE-2006-0576
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious 1 which or 2 dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing...
oprofile.txt
Hello all, I recently audited a box with a software called OProfile http://oprofile.sourceforge.net/. "OProfile is a system-wide profiler for Linux systems, capable of profiling all running code at low overhead. OProfile is released under the GNU GPL. It consists of a kernel driver and a daemon f...
CVE-2006-0576
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious 1 which or 2 dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing...
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-235-1)
Charles Morris discovered a privilege escalation vulnerability in sudo. On executing Perl scripts with sudo, various environment variables that affect Perl's library search path were not cleaned properly. If sudo is set up to grant limited sudo execution of Perl scripts to normal users, this coul...
Ubuntu 4.10 / 5.04 / 5.10 : sudo vulnerability (USN-235-2)
USN-235-1 fixed a vulnerability in sudo's handling of environment variables. Tavis Ormandy noticed that sudo did not filter out the PYTHONINSPECT environment variable, so that users with the limited privilege of calling a python script with sudo could still escalate their privileges. For referenc...
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 946-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 946-1] New sudo packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 946-1 [email protected] http://www.debian.org/security/ Martin Schulze January 20th, 2006 http://www.debian.org/security/faq -...
Mandrake Linux Security Advisory : sudo (MDKSA-2005:234)
Charles Morris discovered a vulnerability in sudo versions prior to 1.6.8p12 where, when the perl taint flag is off, sudo does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment variables, which could allow limited local users to cause a perl script to include and execute arbitrary library...
Ubuntu 4.10 : sudo vulnerability (USN-28-1)
Liam Helmer discovered an input validation flaw in sudo. When the standard shell 'bash' starts up, it searches the environment for variables with a value beginning with ''. For each of these variables a function with the same name is created, with the function body filled in from the environment...
Ubuntu 4.10 / 5.04 : sudo vulnerability (USN-142-1)
Charles Morris discovered a race condition in sudo which could lead to privilege escalation. If /etc/sudoers allowed a user the execution of selected programs, and this was followed by another line containing the pseudo-command 'ALL', that user could execute arbitrary commands with sudo by creati...