4730 matches found
RHEL 7 : sudo (RHSA-2021:0225)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0225 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
RHEL 7 : sudo (RHSA-2021:0222)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0222 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Vulnerabilities fixed in sudo
Several vulnerabilities have been fixed in sudo. A local malicious party can, by exploiting these vulnerabilities, gain root privileges on the vulnerable system. The developers of sudo have released updates to fix the vulnerability marked CVE-2021-3156 in version 1.9.5p2. The vulnerabilities...
GLSA-202101-33 : sudo: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202101-33 sudo: Multiple vulnerabilities Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details. Impact : Local users are able to gain unauthorized privileges on the...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Sudo vulnerabilities (USN-4705-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4705-1 advisory. It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue...
RHEL 8 : sudo (RHSA-2021:0220)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0220 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Fedora 32 : sudo (2021-8840cbdccd)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-8840cbdccd advisory. - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via...
Security update for sudo (important)
openSUSE Security Update: Security update for sudo Announcement ID: openSUSE-SU-2021:0169-1 Rating: important References: 1180684 1180685 1180687 1181090 Cross-References: CVE-2021-23239 CVE-2021-23240 CVE-2021-3156 Affected Products: openSUSE Leap 15.1 An update that solves three vulnerabilities...
Security update for sudo (important)
openSUSE Security Update: Security update for sudo Announcement ID: openSUSE-SU-2021:0170-1 Rating: important References: 1180684 1180685 1180687 1181090 Cross-References: CVE-2021-23239 CVE-2021-23240 CVE-2021-3156 Affected Products: openSUSE Leap 15.2 An update that solves three vulnerabilities...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Privilege Escalation
sudo is vulnerable to privilege escalation. The vulnerability exists through a heap-based buffer overflow, through sudoedit -s and a command line argument ending with a \ character...
[slackware-security] sudo
New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/sudo-1.9.5p2-i586-1slack14.2.txz: Upgraded. When invoked as sudoedit, the same set of command line options are now accepted...
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...
ALPINE-CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...
DEBIAN-CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...
Heap overflow
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...
sudo: Heap buffer overflow in argument parsing
A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw coul...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact ...