EulerOS 2.0 SP1 : sudo (EulerOS-SA-2017-1106)

According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute...

EulerOS 2.0 SP2 : sudo (EulerOS-SA-2017-1107)

According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute...

Fedora 24 : sudo (2017-facd994774)

update to 1.8.20p2 - added sudo package to dnf/yum protected packages ---- - update to 1.8.20p1 - fixes CVE-2017-1000367 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...

[SECURITY] Fedora 24 Update: sudo-1.8.20p2-1.fc24

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

Fedora Update for sudo FEDORA-2017-facd994774

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : sudo (ALAS-2017-843)

A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367 C Tenable Network Security, Inc. The descriptive text a...

CVE-2017-1000368

It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root...

Important: sudo

Issue Overview: A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367 Affected Packages: sudo Issue Correctio...

CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

DEBIAN-CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

ALPINE-CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

CVE-2017-1000368

CVE-2017-1000368 affects Todd Miller’s sudo prior to 1.8.20p1 and earlier, due to input validation in get_process_ttyname() that parses /proc data. This can enable information disclosure and command execution via a local user with sudo privileges. Connected advisories show multiple distributions ...

CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

Design/Logic Flaw

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...

CVE-2017-1000367

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...

DEBIAN-CVE-2017-1000367

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...

CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...

CVE-2017-1000367

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution...

UBUNTU-CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation embedded newlines in the getprocessttyname function resulting in information disclosure and command execution...