MiracleLinux 3 : sudo-1.6.9p17-3AXS3.1 (AXSA:2009-35:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-35:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

EUVD-2020-2741

Malware in sbrugna...

NewStart CGSL MAIN 6.06 : sudo Vulnerability (NS-SA-2025-0224)

The remote NewStart CGSL host, running version MAIN 6.06, has sudo packages installed that are affected by a vulnerability: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers file during authorizatio...

CVE-2020-10286

the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation...

Design/Logic Flaw

the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation...

CVE-2020-10286

CVE-2020-10286 describes a privilege escalation risk due to a mismanaged permission implementation where a main user account in the sudoers group can run sudo su or sudo -i to gain unrestricted access to sensitive files and operations. The NVD records indicate impact across confidentiality, integ...

CVE-2020-10286 RVD#3323: Mismanaged permission implementation leads to privilege escalation, exfiltration of sensitive information, and DoS

the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation...

IPConfigure Orchid VMS 2.0.5 Directory Traversal / Information Disclosure

require 'msf/core' class MetasploitModule 'IPConfigure Orchid VMS %q Orchid Core VMS is vulnerable to a directory traversal attack. This affects Linux and Windows operating systems. This allows a remote, unauthenticated attacker to send crafted GET requests to the application, which results in th...

IPConfigure Orchid VMS 2.0.5 - Directory Traversal / Information Disclosure (Metasploit)

require 'msf/core' class MetasploitModule 'IPConfigure Orchid VMS %q Orchid Core VMS is vulnerable to a directory traversal attack. This affects Linux and Windows operating systems. This allows a remote, unauthenticated attacker to send crafted GET requests to the application, which results in th...

IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure (Metasploit)

IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure Metasploit require 'msf/core' class MetasploitModule 'IPConfigure Orchid VMS %q Orchid Core VMS is vulnerable to a directory traversal attack. This affects Linux and Windows operating systems. This allows a remote,...

PT-2011-2010 · Sudo · Sudo

Name of the Vulnerable Software and Affected Versions: sudo versions prior to 1.7.4p5-1.fc14 Description: The issue arises from improper interpretation of a system group in the sudoers file, allowing local users to gain root privileges via a sudo command. This is a result of a regression related ...

Smb4K: Multiple vulnerabilities

Background Smb4K is a SMB/CIFS Windows share browser for KDE. Description Kees Cook of the Ubuntu Security Team has identified multiple vulnerabilities in Smb4K. The writeFile function of smb4k/core/smb4kfileio.cpp makes insecure usage of temporary files. The writeFile function also stores the...