Download
| Alert*
oval:org.secpod.oval:def:201890
The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled Runas specifications containing both a user and a group list. If a local user were authorized by the sudoers file to perform their sudo commands with the ... oval:org.secpod.oval:def:500345 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled Runas specifications containing both a user and a group list. If a local user were authorized by the sudoers file to perform their sudo commands with the ... oval:org.secpod.oval:def:201816 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled Runas specifications containing both a user and a group list. If a local user were authorized by the sudoers file to perform their sudo commands with the ... oval:org.secpod.oval:def:500470 The sudo utility allows system administrators to give certain users the ability to run commands as root. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignore_dot option in the "/etc/sudoers" configuration file. ... oval:org.secpod.oval:def:201904 The sudo utility allows system administrators to give certain users the ability to run commands as root. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignore_dot option in the "/etc/sudoers" configuration file. ... oval:org.secpod.oval:def:500307 The sudo utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly lev ... oval:org.secpod.oval:def:201835 The sudo utility allows system administrators to give certain users the ability to run commands as root. The RHBA-2010:0212 sudo update released as part of Red Hat Enterprise Linux 5.5 added the ability to change the value of the ignore_dot option in the "/etc/sudoers" configuration file. ... oval:org.secpod.oval:def:500371 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled the presence of duplicated environment variables. A local user authorized to run commands using sudo could use this flaw to set additional values for the ... oval:org.secpod.oval:def:201841 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled the presence of duplicated environment variables. A local user authorized to run commands using sudo could use this flaw to set additional values for the ... oval:org.secpod.oval:def:201805 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled the presence of duplicated environment variables. A local user authorized to run commands using sudo could use this flaw to set additional values for the ... oval:org.secpod.oval:def:201802 The sudo utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly lev ... oval:org.secpod.oval:def:201735 The sudo utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly lev ... oval:org.secpod.oval:def:204525 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: * It was discovered that the sudo noexec restricti ... oval:org.secpod.oval:def:202419 The sudo utility allows system administrators to give certain users the ability to run commands as root. An insecure temporary file use flaw was found in the sudo package"s post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack ... oval:org.secpod.oval:def:500866 The sudo utility allows system administrators to give certain users the ability to run commands as root. An insecure temporary file use flaw was found in the sudo package"s post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack ... oval:org.secpod.oval:def:500135 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to promp ... oval:org.secpod.oval:def:500735 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to promp ... oval:org.secpod.oval:def:1500246 An updated sudo package that fixes multiple security issues and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings ... oval:org.secpod.oval:def:600985 Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1775 Marco Schoepl discovered an authentication bypass when the clock is ... oval:org.secpod.oval:def:701200 sudo: Provide limited super user privileges to specific users Sudo could be made to run programs as the administrator without a password prompt. oval:org.secpod.oval:def:1600292 A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim"s passwo ... oval:org.secpod.oval:def:1500311 An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System base scores, which give detail ... oval:org.secpod.oval:def:701611 sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo. oval:org.secpod.oval:def:1500408 An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available ... oval:org.secpod.oval:def:501143 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges ... oval:org.secpod.oval:def:501098 The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges ... |