CVE-2010-2757

CVE-2010-2757 describes a vulnerability in Bugzilla where the sudo feature fails to send impersonation notifications, enabling remote authenticated users to impersonate other users without discovery. The description lists affected Bugzilla releases across multiple branches (2.22rc1–3.2.7, 3.3.1–3...

Bugzilla < 3.2.8 / 3.4.8 / 3.6.2 / 3.7.3 Multiple Vulnerabilities

Binary data 5627.prm...

MDVA-2009:086 : sudo

The version of sudo shipped with 2009.1 has an incorrect path to /etc/ldap.conf compiled in. This means that users who have their sudo config supplied by their ldap server will find their rules no longer apply. This updated package uses the correct /etc/ldap.conf file. See...

Enable Web Sudo to work with other single-sign-on solutions

Customers with some of the unsupported single sign-on solutions|http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence can't easily upgrade to Confluence 3.3 because WebSudo doesn't handle external SSO solutions. See this example:...

Enable Web Sudo to work with other single-sign-on solutions

Customers with some of the unsupported single sign-on solutions|http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence can't easily upgrade to Confluence 3.3 because WebSudo doesn't handle external SSO solutions. See this example:...

Enable Web Sudo to work with other single-sign-on solutions

Customers with some of the unsupported single sign-on solutions|http://confluence.atlassian.com/display/DEV/Single+Sign-on+Integration+with+JIRA+and+Confluence can't easily upgrade to Confluence 3.3 because WebSudo doesn't handle external SSO solutions. See this example:...

sudo is decorated with global decorator

The reasoning behind preventing theme developers from theming the admin areas was because if you don't know what you are doing then you can mess things up to such an extent that you are unable to use confluence. By decorating the sudo login pages using the global decorator it exposes the user to...

sudo is decorated with global decorator

The reasoning behind preventing theme developers from theming the admin areas was because if you don't know what you are doing then you can mess things up to such an extent that you are unable to use confluence. By decorating the sudo login pages using the global decorator it exposes the user to...

sudo is decorated with global decorator

The reasoning behind preventing theme developers from theming the admin areas was because if you don't know what you are doing then you can mess things up to such an extent that you are unable to use confluence. By decorating the sudo login pages using the global decorator it exposes the user to...

Debian Security Advisory DSA 2062-1 (sudo)

The remote host is missing an update to sudo announced via advisory DSA 2062-1. OpenVAS Vulnerability Test $Id: deb20621.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2062-1 sudo Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Debian: Security Advisory (DSA-2062-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for sudo vulnerability USN-956-1

Ubuntu Update for Linux kernel vulnerabilities USN-956-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9561.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for sudo vulnerability USN-956-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-956-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : sudo vulnerability (USN-956-1)

Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use securepath the default in Ubuntu. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpret...

Fedora 13 : sudo-1.7.2p6-2.fc13 (2010-9402)

added patch that fixes insufficient environment sanitization issue CVE-2010-1646 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 12 : sudo-1.7.2p6-2.fc12 (2010-9415)

added patch that fixes insufficient environment sanitization issue CVE-2010-1646 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 13 : sudo-1.7.2p6-1.fc13 (2010-6756)

update to new upstream version - merged .audit and .libaudit patch - added sudoers.ldap.5 to files - http://sudo.ws/sudo/alerts/sudoeditescalate2.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...

Fedora 13 : sudo-1.7.2p5-1.fc13 (2010-3352)

update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora 12 : sudo-1.7.2p5-1.fc12 (2010-3359)

update to new upstream version - fixes CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution Fedora all 567676 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora 11 : sudo-1.7.2p6-1.fc11 (2010-6749)

update to new upstream version - merged .audit and .libaudit patch - added sudoers.ldap.5 to files - http://sudo.ws/sudo/alerts/sudoeditescalate2.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...