Количество 17
Количество 17
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer a ...
openSUSE-SU-2019:2333-1
Security update for sudo
openSUSE-SU-2019:2316-1
Security update for sudo
SUSE-SU-2019:2668-1
Security update for sudo
SUSE-SU-2019:2667-1
Security update for sudo
SUSE-SU-2019:2666-1
Security update for sudo
SUSE-SU-2019:2656-1
Security update for sudo
SUSE-SU-2019:14193-1
Security update for sudo
GHSA-33h3-qhjg-4qmf
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
ELSA-2019-4822
ELSA-2019-4822: sudo security update (IMPORTANT)
ELSA-2019-4821
ELSA-2019-4821: sudo security update (IMPORTANT)
ELSA-2019-3755
ELSA-2019-3755: sudo security update (IMPORTANT)
ELSA-2019-3694
ELSA-2019-3694: sudo security update (IMPORTANT)
BDU:2019-03696
Уязвимость программы системного администрирования Sudo, существующая из-за недостаточной проверки входных данных, выполнить произвольные команды с привилегиями root
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-14287 In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. | CVSS3: 8.8 | 86% Высокий | больше 6 лет назад |
 | CVE-2019-14287 In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. | CVSS3: 7 | 86% Высокий | больше 6 лет назад |
 | CVE-2019-14287 In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. | CVSS3: 8.8 | 86% Высокий | больше 6 лет назад |
| CVE-2019-14287 In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer a ... | CVSS3: 8.8 | 86% Высокий | больше 6 лет назад |
 | openSUSE-SU-2019:2333-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| openSUSE-SU-2019:2316-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| SUSE-SU-2019:2668-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| SUSE-SU-2019:2667-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| SUSE-SU-2019:2666-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| SUSE-SU-2019:2656-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| SUSE-SU-2019:14193-1 Security update for sudo | 86% Высокий | больше 6 лет назад | |
| GHSA-33h3-qhjg-4qmf In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. | CVSS3: 8.8 | 86% Высокий | больше 3 лет назад |
| ELSA-2019-4822 ELSA-2019-4822: sudo security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-4821 ELSA-2019-4821: sudo security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-3755 ELSA-2019-3755: sudo security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-3694 ELSA-2019-3694: sudo security update (IMPORTANT) | около 6 лет назад | ||
 | BDU:2019-03696 Уязвимость программы системного администрирования Sudo, существующая из-за недостаточной проверки входных данных, выполнить произвольные команды с привилегиями root | CVSS3: 7.8 | 86% Высокий | больше 6 лет назад |
Уязвимостей на страницу