4730 matches found
Oracle Linux 6 : sudo (ELSA-2021-9169)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9169 advisory. 1.8.6p3-29.0.3.el610.3 - Fix a bug on CVE-2021-3156.patch backported from ol7 Orabug: 32717065 Tenable has extracted the preceding description block directly fr...
EulerOS Virtualization 2.9.1 : sudo (EulerOS-SA-2021-1726)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...
EulerOS Virtualization 2.9.0 : sudo (EulerOS-SA-2021-1757)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a Python-based exploit for the CVE-2021-3156 vulnerability in sudo. The exploit targets Linux systems with glibc and nscd service not running. It overwrites the struct service_user to gain root privileges. The exploit has several variants, including: 1. exploit_nss.py: This is the main...
Traitor - Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin
Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to exploit local misconfigurations and vulnerabilities including most of GTFOBins in order to pop a root shell. It'll exploit most sudo privileges listed in...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1757)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1726)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution
Summary: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution. Vulnerability Details: CVEID: CVE-2021-3156. DESCRIPTION: Sudo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing command line arguments. By sending an "sudoedit -s" and a...
VestaCP elevation of privilege vulnerability (CNVD-2021-28371)
VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...
CVE-2021-30462
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...
Design/Logic Flaw
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...
Vesta Control Panel Access Control Error Vulnerability
VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...
Exploit for OS Command Injection in Raspap
CVE-2020-24572-POC An issue was discovered in includes/webcons...
SUSE SLES12 Security Update : sudo (SUSE-SU-2021:0928-1)
This update for sudo fixes the following issues: Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 (bsc#1181090). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...
SUSE-SU-2021:0928-1 Security update for sudo
This update for sudo fixes the following issues: - Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 (bsc#1181090)...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1707)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EulerOS 2.0 SP5 : sudo (EulerOS-SA-2021-1707)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing...
Exploit for Off-by-one Error in Sudo_Project Sudo
Project Title: Exploit generator for CVE-2021-3156 s...