9 matches found
sudo: LPE via host option
A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user usually root. The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 toc Vulnerability profile Vulnerabilit...
Oracle Linux 7 : sudo (ELSA-2016-2593)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2593 advisory. 1.8.6p7-20 - RHEL 7.3 erratum - fixed visudo's -q flag Resolves: rhbz1350828 1.8.6p7-19 - RHEL 7.3 erratum - removed INPUTRC from envkeep to prevent a potential...