4723 matches found
[SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 870-1 [email protected] http://www.debian.org/security/ Martin Schulze October 25th, 2005 http://www.debian.org/security/faq -...
CVE-2005-2959
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...
CVE-2005-2959
CVE-2005-2959 concerns sudo 1.6.8 and earlier, where the SHELLOPTS and PS4 environment variables are not cleared during privilege-escalation prompts. The result is a local privilege escalation when a user with limited sudo privileges runs a bash script, as these variables can be passed through to...
[Full-disclosure] [SECURITY] [DSA 870-1] New sudo packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 870-1 [email protected] http://www.debian.org/security/ Martin Schulze October 25th, 2005 http://www.debian.org/security/faq -...
sudo -- arbitrary command execution
Tavis Ormandy reports: The bash shell uses the value of the PS4 environment variable (after expansion) as a prefix for commands run in execution trace mode. Execution trace mode (xtrace) is normally set via bash's -x command line option or interactively by running "set -o xtrace". However, it may als...
DSA-870-1 sudo - missing input sanitising
Bulletin has no description...
Adobe Version Cue 1.0/1.0.1 (OSX) - Local Privilege Escalation
#!/usr/bin/perl Adobe Version Cue VCNativeOSX: local root exploit. by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program writes data to a log file in the current working directory while running as setuid root. the logfile is formatted as /VCNative-.log, which is easily...
[Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow
#!/usr/bin/perl OSH 1.7 Exploit 2 Gonna bang away at this until it's removed ;- EDUCATIONAL purposes only.... :- by Charles Stevenson core [email protected] Description: The Operator Shell (Osh) is a setuid root, security enhanced, restricted shell. It allows the administrator to carefully limit the...
SUSE-SA:2005:036: sudo
The remote host is missing the patch for the advisory SUSE-SA:2005:036 (sudo). Sudo(8) allows the execution of commands as another user and gives the administrator more flexibility than su(1). A race condition in the pathname handling of sudo may allow a local user to execute arbitrary commands. To...
Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2005-172-01)
New Sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A race condition could allow a user with Sudo privileges to run arbitrary commands. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...
SSA-18705 sudo upgrade fixes a potential vulnerability
New sudo packages are available to fix a security problem which may allow users to become root, or to execute arbitrary code as root. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Thu Apr 25 12:00:50 PDT 2002 patches/packages/sudo.tgz: Upgraded to...
FreeBSD : sudo -- local race condition vulnerability (3bf157fa-e1c6-11d9-b875-0001020eed82)
Todd C. Miller reports: A race condition in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands. Exploitation of the bug requires that the user be allowed to run one or more commands via Sudo and be able to create...
FreeBSD : sudo -- environmental variable CDPATH is not cleared (045944a0-6bca-11d9-aaa6-000a95bc6fae)
A sudo bug report says: sudo doesn't unset the CDPATH variable, which leads to possible security problems. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database: Copyright 2003-2018 Jacques...
[SECURITY] [DSA 735-2] New sudo packages fix pathname validation race
------------------------------------------------------------------------ Debian Security Advisory DSA 735-2 [email protected] http://www.debian.org/security/ Michael Stone July 07, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
DSA-735-2 sudo - pathname validation race
Bulletin has no description...
Debian DSA-735-1 : sudo - pathname validation race
A local user who has been granted permission to run commands via sudo could run arbitrary commands as a privileged user due to a flaw in sudo's pathname validation. This bug only affects configurations which have restricted user configurations prior to an ALL directive in the configuration file. ...
Sudo 1.3.1 < 1.6.8p (OpenBSD) - Pathname Validation Privilege Escalation
include include include include include define SUDO "/usr/bin/sudo" ifdef BUFSIZ undef BUFSIZ define BUFSIZ 128 endif / ANY MODIFIED REPUBLISHING IS RESTRICTED OpenBSD sudo 1.3.1 - 1.6.8p local root exploit Tested under OpenBSD 3.6 sudo 1.6.7p5 Vuln by OpenBSD errata,...
Sudo 1.3.1 - 1.6.8p Pathname Validation Local Root Exploit (openbsd)
Exploit for bsd platform in category local exploits ==================================================================== Sudo 1.3.1 - 1.6.8p Pathname Validation Local Root Exploit openbsd ==================================================================== include include include include include...