Lucene search
K

4733 matches found

Ubuntu
Ubuntu
added 2014/06/18 5:47 p.m.64 views

USN-2248-1: OpenStack Cinder vulnerability

Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...

5CVSS5.3AI score0.01193EPSS
Exploits0
OSV
OSV
added 2014/06/18 5:47 p.m.6 views

USN-2248-1 cinder vulnerability

Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...

5CVSS5.8AI score0.01193EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2014/06/17 9:50 p.m.82 views

USN-2247-1: OpenStack Nova vulnerabilities

Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS...

7.1CVSS5.5AI score0.02159EPSS
Exploits2
OSV
OSV
added 2014/06/17 9:50 p.m.4 views

USN-2247-1 nova vulnerabilities

Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS...

7.1CVSS5.8AI score0.02159EPSS
Exploits2References8
UbuntuCve
UbuntuCve
added 2014/06/17 12:0 a.m.42 views

CVE-2013-1068

The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...

5CVSS5.9AI score0.01193EPSS
Exploits0References4
OSV
OSV
added 2014/06/17 12:0 a.m.3 views

UBUNTU-CVE-2013-1068

The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...

5CVSS5.8AI score0.01193EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.32 views

openSUSE Security Update : sudo (openSUSE-SU-2013:0495-1)

sudo was updated to fix two security issues, where adjusting the time of the syste could be used to regain access to sudo sessions if they onc were granted. CVE-2013-1775,CVE-2013-1776 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.9CVSS7.8AI score0.03202EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.41 views

openSUSE Security Update : sudo (openSUSE-2012-73)

sudo was prone to a format string vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-73. The text description of this plugin is C SUSE LLC...

7.2CVSS7.7AI score0.02992EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.35 views

openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1)

sudo's handling of the -g command line option allowed to also specify -u in some cases, therefore allowing users to actually run commands as root CVE-2010-2956. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

6.2CVSS8.1AI score0.00362EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : sudo (openSUSE-SU-2011:0050-1)

This update of sudo fixes : - CVE-2011-0010: Does ask for the user password for GID changes now. - CVE-2010-1646: CVSS v2 Base Score: 6.6 CWE-264: The secure environment option can handle multiple occurrence of PATH now. - CVE-2010-1163: CVSS v2 Base Score: 6.9 CWE-20: Improved command matching...

6.9CVSS7.5AI score0.00496EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.27 views

openSUSE Security Update : sudo (openSUSE-SU-2012:0652-1)

sudo did not always honor the HostList setting in /etc/sudoers properly %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-293. The text description of this plugin is C SUSE LLC...

7.2CVSS7.4AI score0.00399EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2014/05/29 8:15 p.m.37 views

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability...

7.6CVSS5.8AI score0.03324EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2014/04/04 12:0 a.m.28 views

SuSE 11.3 Security Update : sudo (SAT Patch Number 9044)

This collective update for sudo provides fixes for the following issues : - Security policy bypass when envreset is disabled. CVE-2014-0106, bnc866503 - Regression in the previous update that causes a segmentation fault when running 'sudo -s'. bnc868444 - Command 'who -m' prints no output when...

6.6CVSS5.4AI score0.00338EPSS
Exploits2References5
NVD
NVD
added 2014/03/21 4:38 a.m.13 views

CVE-2011-5275

The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...

7.5CVSS6.7AI score0.013EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/03/21 4:38 a.m.30 views

CVE-2011-5275

The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...

7.5CVSS5.9AI score0.013EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/03/20 7:0 p.m.24 views

CVE-2011-5275

The install script in Domain Technologie Control DTC before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges...

6.7AI score0.013EPSS
Exploits0References3
CVE
CVE
added 2014/03/20 7:0 p.m.37 views

CVE-2011-5275

The CVE affects Domain Technologie Control (DTC) installations where the install script before version 0.34.1 erroneously grants sudo permissions for chrootuid to the dtc user, enabling potential privilege escalation. Root cause: the installer script configures sudo access for dtc, increasing the...

7.5CVSS6.9AI score0.013EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2014/03/20 4:16 p.m.6 views

SUSE-SU-2015:0985-1 Security update for sudo

This collective update for sudo provides fixes for the following issues: Security policy bypass when envreset is disabled. CVE-2014-0106, bnc866503 Regression in the previous update that causes a segmentation fault when running 'sudo -s'. bnc868444 Command 'who -m' prints no output when using...

6.6CVSS4.2AI score0.0047EPSS
Exploits3References12
securityvulns
securityvulns
added 2014/03/18 12:0 a.m.51 views

[USN-2146-1] Sudo vulnerabilities

========================================================================== Ubuntu Security Notice USN-2146-1 March 13, 2014 sudo vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

6.6CVSS0.5AI score0.00338EPSS
Exploits2
securityvulns
securityvulns
added 2014/03/18 12:0 a.m.29 views

sudo security vulnerabilities

Restrictions bypass...

6.6CVSS2.1AI score0.00338EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder