This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sudo Project First view 2017-06-05
Product Sudo Last view 2020-01-29
Version 1.8.15 Type Application
Update b5  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:sudo_project:sudo

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2020-01-29 CVE-2019-18634

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

7 2019-11-04 CVE-2019-18684

** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.

8.8 2019-10-17 CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

7.8 2018-05-29 CVE-2016-7076

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

7 2017-10-10 CVE-2015-8239

The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write permissions to parts of the called command to replace them before it is executed.

8.2 2017-06-05 CVE-2017-1000368

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

6.4 2017-06-05 CVE-2017-1000367

Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.

CWE : Common Weakness Enumeration

%idName
42% (3) CWE-362 Race Condition
28% (2) CWE-20 Improper Input Validation
14% (1) CWE-787 Out-of-bounds Write
14% (1) CWE-77 Improper Sanitization of Special Elements used in a Command ('Comma...

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-11-21 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1380.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2017-10-23 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa_10826.nasl - Type: ACT_GATHER_INFO
2017-10-09 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201710-04.nasl - Type: ACT_GATHER_INFO
2017-08-15 Name: The remote host running McAfee Web Gateway is affected by multiple code execu...
File: mcafee_web_gateway_sb10205.nasl - Type: ACT_GATHER_INFO
2017-07-31 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2017-0125.nasl - Type: ACT_GATHER_INFO
2017-07-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-8b250ebe97.nasl - Type: ACT_GATHER_INFO
2017-07-14 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2016-2872.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1574.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1382.nasl - Type: ACT_GATHER_INFO
2017-07-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1121.nasl - Type: ACT_GATHER_INFO
2017-07-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1120.nasl - Type: ACT_GATHER_INFO
2017-07-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-855.nasl - Type: ACT_GATHER_INFO
2017-07-05 Name: The remote Debian host is missing a security update.
File: debian_DLA-1011.nasl - Type: ACT_GATHER_INFO
2017-07-05 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1771-1.nasl - Type: ACT_GATHER_INFO
2017-07-05 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1778-1.nasl - Type: ACT_GATHER_INFO
2017-06-30 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-744.nasl - Type: ACT_GATHER_INFO
2017-06-26 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170623_sudo_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2017-06-26 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2017-0114.nasl - Type: ACT_GATHER_INFO
2017-06-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-1574.nasl - Type: ACT_GATHER_INFO
2017-06-23 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-1574.nasl - Type: ACT_GATHER_INFO
2017-06-23 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1574.nasl - Type: ACT_GATHER_INFO
2017-06-21 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1627-1.nasl - Type: ACT_GATHER_INFO
2017-06-21 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1626-1.nasl - Type: ACT_GATHER_INFO
2017-06-09 Name: The remote Fedora host is missing a security update.
File: fedora_2017-facd994774.nasl - Type: ACT_GATHER_INFO