Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug
Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue...
USN-4705-1: Sudo vulnerabilities | Cloud Foundry
Severity: High. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04, Canonical Ubuntu 18.04. Description: It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 sudo he...
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 This document describes the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security...
Linux sudo Privilege Escalation Vulnerability (direct check)
Binary data linuxcve-2019-14287.nbin...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 CVE-2021-3156: Sudo heap overflow exploit for De...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 PoC Introduction This is an exploit for the...
Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1
1:1.9.5p2-alt0.M80P.1 built Feb. 6, 2021 Evgeny Sinelnikov in task 265379 Jan. 27, 2021 Evgeny Sinelnikov - Backport latest security release fixed CVE-2021-3156 to p8/c8/c8.1 branches without sudo python plugin due to it not being compatible with python3.5...
Metasploit Wrap-Up
Baron Samedit is coming to get you Last week, a critical bug in sudo came out and could potentially affect most of the Linux-based operating systems, since this tool is usually installed by default. This vulnerability is identified as CVE-2021-3156, but better known as "Baron Samedit", and is...
EulerOS 2.0 SP9 : sudo (EulerOS-SA-2021-1257)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a...
Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit
A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1257)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Solaris 10 (x86) : 152253-04
SunOS 5.10_x86: sudo Patch. Date this patch was last updated by Sun : Feb/04/21 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include("compat.inc"); if (description) { script_id(146247); script_version("1.2");...
Solaris 10 (sparc) : 152252-04
SunOS 5.10: sudo Patch. Date this patch was last updated by Sun : Feb/04/21 (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include("compat.inc"); if (description) { script_id(146233); script_version("1.2");...
Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sudo Heap-Based Buffer Overflow', 'Description' = %q A heap based buffer overflow exists in the sudo command line utility that can be exploited b...
EulerOS 2.0 SP9 : sudo (EulerOS-SA-2021-1276)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1276)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products
While Punxsutawney Phil may have said we only have six more weeks of winter, the need to patch software and hardware weaknesses will, unfortunately, never end. Cisco has released security updates to address vulnerabilities in most of their product portfolio, some of which may be exploited to gain...