Privilege escalation in rbac

Impact Using a carefully crafted request or malicious proxy, a user with UserWrite permissions could create another user with higher privileges than their own due to insufficient checks on the allowed set of permissions. The event would be captured in the Event Log. Patches The issue has been fix...

[SECURITY] Fedora 27 Update: rootsh-1.5.3-17.fc27

Rootsh is a wrapper for shells which logs all echoed keystrokes and terminal output to a file and/or to syslog. Its main purpose is the auditing of users who need a shell with root privileges. They start rootsh through the sudo mechanism...