Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2010-257-02
HistorySep 15, 2010 - 3:39 a.m.

[slackware-security] sudo

2010-09-1503:39:34
Slackware Linux Project
www.slackware.com
10

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Here are the details from the Slackware 13.1 ChangeLog:

patches/packages/sudo-1.7.4p4-i486-1_slack13.1.txz: Upgraded.
This fixes a flaw that could lead to privilege escalation.
For more information, see:
https://vulners.com/cve/CVE-2010-2956
(* Security fix *)

Where to find the new packages:

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sudo-1.7.4p4-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sudo-1.7.4p4-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sudo-1.7.4p4-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/sudo-1.7.4p4-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/sudo-1.7.4p4-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/sudo-1.7.4p4-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/sudo-1.7.4p4-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/sudo-1.7.4p4-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/sudo-1.7.4p4-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/sudo-1.7.4p4-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/sudo-1.7.4p4-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/sudo-1.7.4p4-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/sudo-1.7.4p4-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/sudo-1.7.4p4-x86_64-1_slack13.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/sudo-1.7.4p4-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/sudo-1.7.4p4-x86_64-1.txz

MD5 signatures:

Slackware 8.1 package:
0020792ca37f1950dc990008d75b0f3d sudo-1.7.4p4-i386-1_slack8.1.tgz

Slackware 9.0 package:
350d64e2419f3352e0136f92623dc583 sudo-1.7.4p4-i386-1_slack9.0.tgz

Slackware 9.1 package:
623499bc7fec7a89842c230cc1e84082 sudo-1.7.4p4-i486-1_slack9.1.tgz

Slackware 10.0 package:
fe868c844e0d6f8e4a4e60d565f04a3f sudo-1.7.4p4-i486-1_slack10.0.tgz

Slackware 10.1 package:
900568d7a79ffe2772dd1f27caad0212 sudo-1.7.4p4-i486-1_slack10.1.tgz

Slackware 10.2 package:
f8ac4ed69142b4f3ff25969047e7a58d sudo-1.7.4p4-i486-1_slack10.2.tgz

Slackware 11.0 package:
0c863b24b251fbffc8838a2eba69eb50 sudo-1.7.4p4-i486-1_slack11.0.tgz

Slackware 12.0 package:
f2ba9e4c37ef4c37e34b6146645a6347 sudo-1.7.4p4-i486-1_slack12.0.tgz

Slackware 12.1 package:
b62dded6da8f591c1d3a5d6046391c8a sudo-1.7.4p4-i486-1_slack12.1.tgz

Slackware 12.2 package:
b8a823c4e0a8981a234a74399aec4455 sudo-1.7.4p4-i486-1_slack12.2.tgz

Slackware 13.0 package:
04bb8ef4ae1bd88314a784848ac52808 sudo-1.7.4p4-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
00b2632ec3f5c8a338a7ddca22ec6304 sudo-1.7.4p4-x86_64-1_slack13.0.txz

Slackware 13.1 package:
6da326f6cfd388d87de5c1853d8eb3ff sudo-1.7.4p4-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
9adb750d7ec6682c9dc397cb11afb33a sudo-1.7.4p4-x86_64-1_slack13.1.txz

Slackware -current package:
81bacc8344d247049702296af84a2903 ap/sudo-1.7.4p4-i486-1.txz

Slackware x86_64 -current package:
9b2fa535f361d32cbbca67df23e88d20 ap/sudo-1.7.4p4-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg sudo-1.7.4p4-i486-1_slack13.1.txz

Related

fedora 3
openvas 21
nessus 17
redhat 1
prion 1
debiancve 1
ubuntu 1
veracode 1
oraclelinux 1
freebsd 1
securityvulns 2
centos 1
cve 1
ubuntucve 1
gentoo 1
vmware 2
fedora
fedora
[SECURITY] Fedora 13 Update: sudo-1.7.4p4-1.fc13
2010-09-11 09:03:30
[SECURITY] Fedora 12 Update: sudo-1.7.4p4-2.fc12
2010-09-28 05:28:31
[SECURITY] Fedora 14 Update: sudo-1.7.4p4-1.fc14
2010-09-15 07:09:06
openvas
openvas
CentOS Update for sudo CESA-2010:0675 centos5 i386
2011-08-09 00:00:00
Slackware Advisory SSA:2010-257-02 sudo
2012-09-11 00:00:00
Ubuntu Update for sudo vulnerability USN-983-1
2010-09-10 00:00:00
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2010-257-02)
2010-09-15 00:00:00
CentOS 5 : sudo (CESA-2010:0675)
2010-09-13 00:00:00
openSUSE Security Update : sudo (openSUSE-SU-2010:0591-1)
2014-06-13 00:00:00
redhat
redhat
(RHSA-2010:0675) Important: sudo security update
2010-09-07 00:00:00
prion
prion
Design/Logic Flaw
2010-09-10 19:00:00
debiancve
debiancve
CVE-2010-2956
2010-09-10 19:00:00
ubuntu
ubuntu
Sudo vulnerability
2010-09-07 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:47:56
oraclelinux
oraclelinux
sudo security update
2010-09-07 00:00:00
freebsd
freebsd
sudo -- Flaw in Runas group matching
2010-09-07 00:00:00
securityvulns
securityvulns
[USN-983-1] Sudo vulnerability
2010-09-12 00:00:00
sudo privilege escalation
2010-09-12 00:00:00
centos
centos
sudo security update
2010-09-12 16:45:07
cve
cve
CVE-2010-2956
2010-09-10 19:00:00
ubuntucve
ubuntucve
CVE-2010-2956
2010-08-31 00:00:00
gentoo
gentoo
sudo: Privilege Escalation
2010-09-07 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
2011-01-04 00:00:00
VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
2011-01-04 00:00:00

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.4%

JSON
Related for SSA-2010-257-02
fedora3openvas21nessus17redhat1prion1debiancve1ubuntu1veracode1oraclelinux1freebsd1securityvulns2centos1cve1ubuntucve1gentoo1vmware2