Download
| Alert*
oval:org.secpod.oval:def:301203
A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:500632 The sudo utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was discovered in a way sudo handled group specifications in "run as" lists in the sudoers configuration file. If sudo configuration allowed a user to run commands ... oval:org.secpod.oval:def:102026 Sudo allows a system administrator to give certain users the ability to run some commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per- ... oval:org.secpod.oval:def:101163 Sudo allows a system administrator to give certain users the ability to run some commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per- ... oval:org.secpod.oval:def:700457 Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a "RunAs" list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file ... oval:org.secpod.oval:def:101165 Sudo allows a system administrator to give certain users the ability to run some commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per- ... |