Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2011-041-05
HistoryFeb 11, 2011 - 1:18 a.m.

[slackware-security] sudo

2011-02-1101:18:11
Slackware Linux Project
www.slackware.com
19

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

17.2%

JSON

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Here are the details from the Slackware 13.1 ChangeLog:

patches/packages/sudo-1.7.4p6-i486-1_slack13.1.txz: Upgraded.
Fix Runas group password checking.
For more information, see the included CHANGES and NEWS files, and:
https://vulners.com/cve/CVE-2011-0010
(* Security fix *)

Where to find the new packages:

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sudo-1.7.4p6-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sudo-1.7.4p6-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sudo-1.7.4p6-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/sudo-1.7.4p6-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/sudo-1.7.4p6-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/sudo-1.7.4p6-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/sudo-1.7.4p6-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/sudo-1.7.4p6-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/sudo-1.7.4p6-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/sudo-1.7.4p6-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/sudo-1.7.4p6-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/sudo-1.7.4p6-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/sudo-1.7.4p6-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/sudo-1.7.4p6-x86_64-1_slack13.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/sudo-1.7.4p6-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/sudo-1.7.4p6-x86_64-1.txz

MD5 signatures:

Slackware 8.1 package:
2413efdfdd66692482d1c08d20cec4cb sudo-1.7.4p6-i386-1_slack8.1.tgz

Slackware 9.0 package:
1e7ebbb23572aa61dc17839eba16246c sudo-1.7.4p6-i386-1_slack9.0.tgz

Slackware 9.1 package:
4504e90bb5c85f32d2d854f6fdff2e34 sudo-1.7.4p6-i486-1_slack9.1.tgz

Slackware 10.0 package:
52f71decec23d3713e893be5cd313389 sudo-1.7.4p6-i486-1_slack10.0.tgz

Slackware 10.1 package:
9bf9fba1cb8616e5ecaa7200b38a554c sudo-1.7.4p6-i486-1_slack10.1.tgz

Slackware 10.2 package:
bff1eb40a0d917bc69ed56de9d3a80b2 sudo-1.7.4p6-i486-1_slack10.2.tgz

Slackware 11.0 package:
3e38aad774807c72dfcd363dc28c96d6 sudo-1.7.4p6-i486-1_slack11.0.tgz

Slackware 12.0 package:
a398a357eefda005e48079c80e9a5a3f sudo-1.7.4p6-i486-1_slack12.0.tgz

Slackware 12.1 package:
defed431a5dd393104fb7e75eacd7f37 sudo-1.7.4p6-i486-1_slack12.1.tgz

Slackware 12.2 package:
ae631e5c89cb680de39dfc8187b6e599 sudo-1.7.4p6-i486-1_slack12.2.tgz

Slackware 13.0 package:
c87d3cf2c6d6446484840f508cc708f7 sudo-1.7.4p6-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
0e89b2c48b66e2ae9fef263999f10203 sudo-1.7.4p6-x86_64-1_slack13.0.txz

Slackware 13.1 package:
1b56f2e74922fd207fffad010fe06d5a sudo-1.7.4p6-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
e9bf6359afb94415f21cecfc6f4608d9 sudo-1.7.4p6-x86_64-1_slack13.1.txz

Slackware -current package:
1aec43064cb3d935ff0d24ac2d259be0 sudo-1.7.4p6-i486-1.txz

Slackware x86_64 -current package:
f7072eb54acc217d39b78af09810e98f sudo-1.7.4p6-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg sudo-1.7.4p6-i486-1_slack13.1.txz

Related

cve 1
freebsd 1
oraclelinux 2
nessus 19
openvas 20
ubuntu 1
prion 1
redhat 3
ubuntucve 1
veracode 1
cvelist 1
nvd 1
debiancve 1
securityvulns 2
fedora 2
gentoo 1
cve
cve
CVE-2011-0010
2011-01-18 18:03:08
freebsd
freebsd
sudo -- local privilege escalation
2011-01-11 00:00:00
oraclelinux
oraclelinux
sudo security and bug fix update
2011-05-28 00:00:00
sudo security and bug fix update
2012-03-01 00:00:00
nessus
nessus
Scientific Linux Security Update : sudo on SL6.x i386/x86_64
2012-08-01 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : sudo (SSA:2011-041-05)
2011-02-11 00:00:00
Scientific Linux Security Update : sudo on SL5.x i386/x86_64 (20120221)
2012-08-01 00:00:00
openvas
openvas
RedHat Update for sudo RHSA-2011:0599-01
2012-06-06 00:00:00
RedHat Update for sudo RHSA-2012:0309-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2012-0309)
2015-10-06 00:00:00
ubuntu
ubuntu
Sudo vulnerability
2011-01-20 00:00:00
prion
prion
Authentication flaw
2011-01-18 18:03:00
redhat
redhat
(RHSA-2012:0309) Low: sudo security and bug fix update
2012-02-21 00:00:00
(RHSA-2011:0599) Low: sudo security and bug fix update
2011-05-19 00:00:00
(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update
2012-02-21 00:00:00
ubuntucve
ubuntucve
CVE-2011-0010
2011-01-18 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 01:01:50
cvelist
cvelist
CVE-2011-0010
2011-01-18 17:00:00
nvd
nvd
CVE-2011-0010
2011-01-18 18:03:08
debiancve
debiancve
CVE-2011-0010
2011-01-18 18:03:08
securityvulns
securityvulns
[USN-1046-1] Sudo vulnerability
2011-01-20 00:00:00
sudo privilege escalation
2011-01-20 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: sudo-1.7.4p5-1.fc14
2011-01-18 21:40:13
[SECURITY] Fedora 13 Update: sudo-1.7.4p5-1.fc13
2011-01-21 23:00:08
gentoo
gentoo
sudo: Privilege escalation
2012-03-06 00:00:00

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

17.2%

JSON
Related for SSA-2011-041-05
cve1freebsd1oraclelinux2nessus19openvas20ubuntu1prion1redhat3ubuntucve1veracode1cvelist1nvd1debiancve1securityvulns2fedora2gentoo1