Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation

source: https://www.securityfocus.com/bid/3871/info Sudo is a freely available, open source permissions management software package available for the Linux and Unix operating systems. It is maintained by Todd C. Miller. Under some circumstances, sudo does not properly sanitize the environment it...

Sudo 1.6.x - Password Prompt Heap Overflow

Sudo 1.6.x - Password Prompt Heap Overflow // source: https://www.securityfocus.com/bid/4593/info Sudo is a widely used Linux/Unix utility allow users to securely run commands as other users. Sudo is vulnerable to a heap overflow condition related to it's customizable password prompt feature. The...

Sudo 1.6.x - Password Prompt Heap Overflow

// source: https://www.securityfocus.com/bid/4593/info Sudo is a widely used Linux/Unix utility allow users to securely run commands as other users. Sudo is vulnerable to a heap overflow condition related to it's customizable password prompt feature. The nature of the sudo utility requires that i...

CVE-1999-1496

CVE-1999-1496 affects Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 . Local users can infer the existence of arbitrary files by attempting to execute the target filename as a program, which yields different error messages depending on whether the file exists. This indicates a minor information-dis...

CVE-1999-1496

Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist...

[synnergy] - Sudo Vudo

Vudo - An object superstitiously believed to embody magical powers - -------------- Michel "MaXX" Kaempf [email protected] -------------- ---------------- Copyright C 2001 Synnergy Networks ---------------- -- 0x00 - Introduction ----------------------------------------------- Sudo superuser do...

Переполнение буфера в sudo (buffer overflow)

Переполнение буфера...

CVE-2001-0279

The CVE-2001-0279 entry concerns a buffer overflow in sudo prior to version 1.6.3p6 that could allow a local user to gain root privileges. Multiple connected advisories confirm this vulnerability and reference updating to a fixed package (e.g., 1.6.3p6 or newer) as the remedy. Affected documents ...

CVE-2001-0279

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges...

CVE-2001-0279

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges...

FreeBSD-SA-01:38.sudo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:38 Security Advisory FreeBSD, Inc. Topic: sudo contains local buffer overflow Category: ports Module: sudo Announced: 2001-04-23 Credits: Chris Wilson Affects: Ports...

[SECURITY] [DSA 031-2] New sudo packages for powerpc available

---------------------------------------------------------------------------- Debian Security Advisory DSA-031-2 [email protected] http://www.debian.org/security/ Martin Schulze March 6, 2001 - ---------------------------------------------------------------------------- Package : sudo...

[SECURITY] [DSA-031-1] New version of sudo released

Package: sudo Vulnerability: buffer overflow Debian-specific: no Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privilages on the local system. The fix from sudo 1.6.3p6 is available in sudo 1.6.2p2-1potato1 for Debian 2.2...

Sudo version 1.6.3p6 now available

Sudo version 1.6.3p6 is now available ftp sites listed at the end. This fixes a buffer overflow in sudo which is a potential security problem. I don't know of any exploits that currently exist but I suggest that you upgrade none the less. Sudo has a good track record wrt secure coding, but this o...

buffer overflow in sudo fixed

Sudo 1.6.3p6 is now available for Slackware 7.1 and Slackware -current. This release fixes a known buffer overflow, which could be used by malicious users to compromise parts of the system. If you rely on Sudo and use one of the above versions of Slackware, it is recommended that you upgrade to t...

Sudo 1.51.6 - Heap Corruption

Sudo 1.51.6 - Heap Corruption // source: https://www.securityfocus.com/bid/2829/info Sudo superuser do is a security utility that allows administrator to give 'restricted' superuser privileges to certain users. Sudo contains a locally exploitable buffer overrun vulnerability. The overrun conditio...

CVE-1999-0958

Technical details about CVE-1999-0958 are not publicly provided in the connected documents. The available sources reiterate the arbitrary command execution via sudo 1.5.x. Monitor for updates.

CVE-1999-0958

sudo 1.5.x allows local users to execute arbitrary commands via a .. dot dot attack...

sudo.info.txt

Date: Tue, 8 Jun 1999 21:23:55 +0200 From: Bencsath Boldizsar To: [email protected] Subject: unneeded information in sudo Sudo debian , v1.5.6p2-2 tells anyone if a file exists or not. It's not a very big problem, but when i set a directory not accessible to anyone but root, I want to make sur...

CVE-1999-1496

Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist...