Astra Linux - уязвимость в sudo

Sudo before 1.9.13 does not escape control characters in sudoreplay output...

CLSA-2026-1777378006 sudo: Fix of 3 CVEs

CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...

CLSA-2026-1777377545 sudo: Fix of 3 CVEs

CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-2644)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-2678)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : sudo (EulerOS-SA-2024-2493)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.13 does not escape control characters in sudoreplay output.CVE-2023-28487 Sudo before 1.9.13 does not escape control characters in lo...

EulerOS 2.0 SP9 : sudo (EulerOS-SA-2024-1973)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.13 does not escape control characters in log messages.CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in...

EulerOS 2.0 SP9 : sudo (EulerOS-SA-2024-1946)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.13 does not escape control characters in log messages.CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in...

CLSA-2024-1719920793 sudo: Fix of 2 CVEs

CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...

CLSA-2024-1719919908 sudo: Fix of 2 CVEs

CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...

CentOS 9 : sudo-1.9.5p2-10.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the sudo-1.9.5p2-10.el9 build changelog. - Sudo does not escape control characters in log messages CVE-2023-28486 - Sudo does not escape control characters in sudoreplay output...

CLSA-2024-1711476502 sudo: Fix of 2 CVEs

CVE-2023-28486: Escape control characters in log messages - CVE-2023-28487: Escape control characters in sudoreplay output...

CentOS 8 : sudo (CESA-2024:0811)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0811 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...

sudo: Sudo does not escape control characters in sudoreplay output

A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where the "sudoreplay -l' command improperly escapes terminal control characters. As sudo's log messages may contain user-controlled strings, this could allow an attacker to inject terminal control commands,...

RHEL 8 / 9 : sudo (RHSA-2024:0811)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0811 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute...

EulerOS Virtualization 2.11.0 : sudo (EulerOS-SA-2023-2775)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...

EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-2670)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...

EulerOS Virtualization 2.11.1 : sudo (EulerOS-SA-2023-2744)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...

EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-2712)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...

GLSA-202309-12 : sudo: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202309-12 sudo: Multiple Vulnerabilities - Sudo before 1.9.13p2 has a double free in the per-command chroot feature. CVE-2023-27320 - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo...