4730 matches found

Tenable Nessus
added 2021/04/15 12:0 a.m., 53 views

Oracle Linux 6 : sudo (ELSA-2021-9169)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9169 advisory. 1.8.6p3-29.0.3.el610.3 - Fix a bug on CVE-2021-3156.patch backported from ol7 Orabug: 32717065 Tenable has extracted the preceding description block directly fr...

CVSS 7.8, AI score 7.4, EPSS 0.99295
Exploits: 81, References: 2

Tenable Nessus
added 2021/04/15 12:0 a.m., 36 views

EulerOS Virtualization 2.9.1 : sudo (EulerOS-SA-2021-1726)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...

CVSS 7.8, AI score 6.6, EPSS 0.01066
Exploits: 2, References: 3

Tenable Nessus
added 2021/04/15 12:0 a.m., 34 views

EulerOS Virtualization 2.9.0 : sudo (EulerOS-SA-2021-1757)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...

CVSS 7.8, AI score 6.6, EPSS 0.01066
Exploits: 2, References: 3

Gitee
added 2021/04/14 11:8 p.m., 8 views

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a Python-based exploit for the CVE-2021-3156 vulnerability in sudo. The exploit targets Linux systems with glibc and nscd service not running. It overwrites the struct serviceuser to gain root privileges. The exploit has several variants, including: 1. exploitnss.py: This is the main...

CVSS 7.8, AI score 7.7, EPSS 0.99295
Exploits: 81

Kitploit
added 2021/04/13 9:30 p.m., 52 views

Traitor - Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin

Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities including most of GTFOBins in order to pop a root shell. It'll exploit most sudo privileges listed in...

AI score 7.8
Exploits: 0, References: 3

OpenVAS
added 2021/04/13 12:0 a.m., 20 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1757)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 5.8, EPSS 0.01066
Exploits: 2, References: 2

OpenVAS
added 2021/04/13 12:0 a.m., 17 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1726)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 5.8, EPSS 0.01066
Exploits: 2, References: 2

IBM Security Bulletins
added 2021/04/12 10:48 p.m., 46 views

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

Summary Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution Vulnerability Details CVEID: CVE-2021-3156 DESCRIPTION: Sudo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing command line arguments. By sending an "sudoedit -s" and a...

CVSS 7.8, AI score 1.2, EPSS 0.99295
Exploits: 81, Affected Software: 1

CNVD
added 2021/04/09 12:0 a.m., 8 views

VestaCP elevation of privilege vulnerability (CNVD-2021-28371)

VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...

CVSS 9, AI score 6.8, EPSS 0.01803
Exploits: 1, References: 1

NVD
added 2021/04/08 2:15 p.m., 7 views

CVE-2021-30462

VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...

CVSS 9, EPSS 0.01803
Exploits: 1, References: 1

OSV
added 2021/04/08 2:15 p.m., 12 views

CVE-2021-30462

VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...

CVSS 7.2, AI score 7.2
Exploits: 0, References: 1

Prion
added 2021/04/08 2:15 p.m., 7 views

Design/Logic Flaw

VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...

CVSS 9, AI score 7.2, EPSS 0.01803
Exploits: 1, References: 1, Affected Software: 1

Cvelist
added 2021/04/08 1:54 p.m., 16 views

CVE-2021-30462

VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...

AI score 7.4, EPSS 0.01803
Exploits: 1, References: 1

CNNVD
added 2021/04/08 12:0 a.m., 4 views

Vesta Control Panel Access Control Error Vulnerability

VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...

CVSS 9, AI score 5.6, EPSS 0.01803
Exploits: 1, References: 2

GithubExploit
added 2021/04/01 1:33 a.m., 73 views

Exploit for OS Command Injection in Raspap

CVE-2020-24572-POC An issue was discovered in includes/webcons...

CVSS 9, AI score 8.8, EPSS 0.06799
Exploits: 3

Tenable Nessus
added 2021/03/26 12:0 a.m., 40 views

SUSE SLES12 Security Update : sudo (SUSE-SU-2021:0928-1)

This update for sudo fixes the following issues : Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 (bsc#1181090). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

CVSS 7.8, AI score 7.3, EPSS 0.99295
Exploits: 81, References: 4

OSV
added 2021/03/24 11:6 a.m., 6 views

SUSE-SU-2021:0928-1 Security update for sudo

This update for sudo fixes the following issues: - Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 (bsc#1181090)...

CVSS 7.8, AI score 8.1, EPSS 0.99295
Exploits: 81, References: 3

OpenVAS
added 2021/03/24 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.3, EPSS 0.99295
Exploits: 83, References: 4

Tenable Nessus
added 2021/03/24 12:0 a.m., 51 views

EulerOS 2.0 SP5 : sudo (EulerOS-SA-2021-1707)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing...

CVSS 7.8, AI score 7.2, EPSS 0.99295
Exploits: 83, References: 4

GithubExploit
added 2021/03/19 2:6 p.m., 150 views

Exploit for Off-by-one Error in Sudo_Project Sudo

Project Title Exploit generator for CVE-2021-3156 s...

CVSS 7.8, AI score 7.9, EPSS 0.99295
Exploits: 81