4733 matches found
USN-2248-1: OpenStack Cinder vulnerability
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...
USN-2248-1 cinder vulnerability
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...
USN-2247-1: OpenStack Nova vulnerabilities
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS...
USN-2247-1 nova vulnerabilities
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS...
CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
UBUNTU-CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
openSUSE Security Update : sudo (openSUSE-SU-2013:0495-1)
sudo was updated to fix two security issues, where adjusting the time of the syste could be used to regain access to sudo sessions if they onc were granted. CVE-2013-1775,CVE-2013-1776 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
openSUSE Security Update : sudo (openSUSE-2012-73)
sudo was prone to a format string vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-73. The text description of this plugin is C SUSE LLC...
openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1)
sudo's handling of the -g command line option allowed to also specify -u in some cases, therefore allowing users to actually run commands as root CVE-2010-2956. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
openSUSE Security Update : sudo (openSUSE-SU-2011:0050-1)
This update of sudo fixes : - CVE-2011-0010: Does ask for the user password for GID changes now. - CVE-2010-1646: CVSS v2 Base Score: 6.6 CWE-264: The secure environment option can handle multiple occurrence of PATH now. - CVE-2010-1163: CVSS v2 Base Score: 6.9 CWE-20: Improved command matching...
openSUSE Security Update : sudo (openSUSE-SU-2012:0652-1)
sudo did not always honor the HostList setting in /etc/sudoers properly %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-293. The text description of this plugin is C SUSE LLC...
Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update
Updated openstack-neutron packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability...
SuSE 11.3 Security Update : sudo (SAT Patch Number 9044)
This collective update for sudo provides fixes for the following issues : - Security policy bypass when envreset is disabled. CVE-2014-0106, bnc866503 - Regression in the previous update that causes a segmentation fault when running 'sudo -s'. bnc868444 - Command 'who -m' prints no output when...
CVE-2011-5275
The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...
CVE-2011-5275
The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...
CVE-2011-5275
The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...
CVE-2011-5275
The CVE affects Domain Technologie Control (DTC) installations where the install script before version 0.34.1 erroneously grants sudo permissions for chrootuid to the dtc user, enabling potential privilege escalation. Root cause: the installer script configures sudo access for dtc, increasing the...
SUSE-SU-2015:0985-1 Security update for sudo
This collective update for sudo provides fixes for the following issues: Security policy bypass when envreset is disabled. CVE-2014-0106, bnc866503 Regression in the previous update that causes a segmentation fault when running 'sudo -s'. bnc868444 Command 'who -m' prints no output when using...
[USN-2146-1] Sudo vulnerabilities
========================================================================== Ubuntu Security Notice USN-2146-1 March 13, 2014 sudo vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
sudo security vulnerabilities
Restrictions bypass...