[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:89044767
This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. Also the following non security bug was fixed: - Link ...

oval:org.secpod.oval:def:55017
sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo.

oval:org.secpod.oval:def:89045014
This update for sudo fixes the following issues: - A regression in the fix for the CVE-2017-1000368 that broke sudo with the requiretty flag

oval:org.secpod.oval:def:204524
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was found that the original fix for CVE-2017- ...

oval:org.secpod.oval:def:204526
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was found that the original fix for CVE-2017- ...

oval:org.secpod.oval:def:1501903
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501902
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1501906
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:1901858
Todd Miller"s sudo version 1.8.20p1 and earlier is vulnerable to an input validation in the get_process_ttyname function resulting in information disclosure and command execution.

oval:org.secpod.oval:def:502054
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was found that the original fix for CVE-2017- ...

oval:org.secpod.oval:def:1600731
It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root

oval:org.secpod.oval:def:54576
sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo.

oval:org.secpod.oval:def:1700229
When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.This can be used by a user with sufficient sudo privileges to run commands as root even if the ...

CWE    1
CWE-20
*CVE
CVE-2017-1000368

© SecPod Technologies