13 matches found
EUVD-2015-8127
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-8239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them befo...
SUSE CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
Sudo sudoers plugin design vulnerability
Sudo is a suite of programs developed by software developer Todd C. Miller for Unix-like operating systems that allow users to execute commands in a secure manner with special privileges. sudoers plugin is one of the Sudo configuration plugin. A design flaw exists in the SHA-2 digest support of t...
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
DEBIAN-CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
Command injection
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
UBUNTU-CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
CVE-2015-8239
The CVE-2015-8239 issue affects the sudoers plugin in sudo versions after 1.8.7. The root cause is the SHA-2 digest support in the sudoers plugin, which allows local users with write permissions to parts of the called command to replace them before execution. Reported impacts indicate that a loca...
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
CVE-2015-8239
The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed...
Updated sudo packages fix security vulnerability
A vulnerability in functionality for adding support of SHA-2 digests along with the command was found. The sudoers plugin performs this digest verification while matching rules, and later independently calls execve to execute the binary. This results in a race condition if the digest functionalit...