26 matches found
CLSA-2026-1777378006 sudo: Fix of 3 CVEs
CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...
CLSA-2026-1777377545 sudo: Fix of 3 CVEs
CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-2678)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : sudo (EulerOS-SA-2024-1946)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.13 does not escape control characters in log messages.CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in...
CLSA-2024-1719920793 sudo: Fix of 2 CVEs
CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...
CLSA-2024-1711476502 sudo: Fix of 2 CVEs
CVE-2023-28486: Escape control characters in log messages - CVE-2023-28487: Escape control characters in sudoreplay output...
CentOS 8 : sudo (CESA-2024:0811)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0811 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
RHEL 8 / 9 : sudo (RHSA-2024:0811)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0811 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute...
EulerOS Virtualization 2.11.0 : sudo (EulerOS-SA-2023-2775)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2023-2670)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
EulerOS Virtualization 2.11.1 : sudo (EulerOS-SA-2023-2744)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...
EulerOS Virtualization 2.10.0 : sudo (EulerOS-SA-2023-2494)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control...
USN-6005-2 sudo vulnerabilities
USN-6005-1 fixed vulnerabilities in Sudo. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could...
EulerOS 2.0 SP10 : sudo (EulerOS-SA-2023-1813)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
EulerOS 2.0 SP10 : sudo (EulerOS-SA-2023-1831)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Sudo vulnerabilities (USN-6005-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6005-1 advisory. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay...
USN-6005-1 sudo vulnerabilities
Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed...
SUSE SLES12 Security Update : sudo (SUSE-SU-2023:1700-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1700-1 advisory. - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control...
SUSE-SU-2023:1700-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-28486: Fixed missing control characters escaping in log messages bsc1209362. - CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output bsc1209361...
Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2023-135)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-135 advisory. Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487 Tenable has...