4730 matches found
[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33
Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
sudo: Heap buffer overflow in argument parsing
A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command by default, any local user can execute sudo without authentication. Successful exploitation of this flaw coul...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
sudo: Heap buffer overflow in argument parsing
A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command by default, any local user can execute sudo without authentication. Successful exploitation of this flaw coul...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Updated sudo packages fix security vulnerability
A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is no...
MGASA-2021-0056 Updated sudo packages fix security vulnerability
A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. It has been given the name Baron Samedit by its discoverer. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is no...
sudo security update
CentOS Errata and Security Advisory CESA-2021:0221 An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Fedora 33 : sudo (2021-2cb63d912a)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-2cb63d912a advisory. - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via...
RHEL 7 : sudo (RHSA-2021:0226)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0226 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Slackware 14.0 / 14.1 / 14.2 / current : sudo (SSA:2021-026-01)
New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2021-026-01. The text itself is copyrigh...
SUSE SLES12 Security Update : sudo (SUSE-SU-2021:0225-1)
This update for sudo fixes the following issues : A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges bsc1181090,CVE-2021-3156 It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit...
Oracle Linux 7 : sudo (ELSA-2021-0221)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0221 advisory. 1.8.23-10.1 - RHEL 7.9.Z ERRATUM - CVE-2021-3156 Resolves: rhbz1917729 Tenable has extracted the preceding description block directly from the Oracle Linux...
RHEL 7 : sudo (RHSA-2021:0221)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0221 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Debian DSA-4839-1 : sudo - security update
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user sudoers and non-sudoers can exploit this flaw for root privilege escalation. %NASLMINLEVEL 70300 C Tenable Network...
Oracle Linux 6 : sudo (ELSA-2021-9019)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9019 advisory. - Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via sudoedit -s and a command-line argument that ends with a singl...
Debian DLA-2534-1 : sudo security update
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user sudoers and non-sudoers can exploit this flaw for root privilege escalation. For Debian 9 stretch, this problem has...
Debian: Security Advisory (DSA-4839-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for sudo (CESA-2021:0221)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...