sudo

104 items tagged "sudo"

Related tags: default [+], mdvsa [+], txt [+], escalation [+], advisory [+], usn [+], todd [+], sudo command [+], security vulnerability [+], security advisory [+], miller [+], mandriva linux [+], format string [+], format [+], change security [+], todd miller [+], ubuntu [+], slouching [+], root [+], red [+], command [+], BackTrack [+], privilege escalation vulnerability [+], local privilege escalation [+], sudoers [+], string [+], red hat security [+], privilege [+], linux security [+], glsa [+], gain root privileges [+], evan broder [+], anders kaseorg [+], x versions [+], wuethrich [+], tod miller [+], secunia [+], root exploit [+], path environment [+], markus wuethrich [+], group permissions [+], environment [+], dsa [+], default account [+], configuration option [+], broder [+], attacker [+], arbitrary code [+], sudoedit [+], local [+], wusb54g drivers [+], wlan [+], vmware [+], usbcore [+], unrar [+], spoof version [+], shell script [+], script [+], rpsa [+], root privileges [+], remote exploit [+], rar [+], quot [+], poc [+], pluggable authentication modules [+], physical memory [+], party updates [+], party [+], pam [+], openldap [+], ndman [+], ndiswrapper [+], modprobe [+], mac addresses [+], mac [+], list [+], linux [+], ivs [+], inalambrica [+], howtos [+], host [+], hacks [+], fichier host [+], extracting rar files [+], exploit [+], esx [+], debug [+], code [+], bt4 [+], and [+], alias [+], alambrica [+], administrator privileges [+], Wireless [+], Tutoriaux [+], Support [+], Soporte [+], Software [+], General [+], Fixes [+], Bugs [+], bugtraq [+], path [+], vulnerability [+], group [+], runas [+], security [+], secure path [+]

May 24, 2012
14:04
Bugtraq: [SECURITY] [DSA 2478-1] sudo security update
» ‎ SecurityFocus Vulnerabilities

[SECURITY] [DSA 2478-1] sudo security update
Tags: sudo security dsa
May 22, 2012
10:00
Bugtraq: [ MDVSA-2012:079 ] sudo
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2012:079 ] sudo
Tags: bugtraq mdvsa sudo
May 21, 2012
0:00
Vuln: Todd Miller Sudo Host_List Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Host_List Local Privilege Escalation Vulnerability
Tags: sudo list host todd-miller privilege-escalation-vulnerability local-privilege-escalation
April 02, 2012
0:00
Vuln: Todd Miller Sudo Group ID Change Security Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Group ID Change Security Vulnerability
Tags: sudo miller todd security-vulnerability change-security todd-miller
March 08, 2012
0:00
Vuln: Todd Miller Sudo Group ID Change Security Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Group ID Change Security Vulnerability
Tags: sudo miller todd security-vulnerability change-security todd-miller
February 24, 2012
0:00
Vuln: Todd Miller Sudo 'Sudo_Debug()' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'Sudo_Debug()' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo debug todd-miller privilege-escalation-vulnerability local-privilege-escalation

February 21, 2012
7:41
Red Hat Security Advisory 2012-0309-03
» ‎ Packet Storm Security Advisories

Red Hat Security Advisory 2012-0309-03 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to prompt for the user's password before running the specified command with the elevated group privileges. Various other issues have also been addressed in this advisory.
Tags: advisory sudo red red-hat-security sudoers security-advisory

7:41
Red Hat Security Advisory 2012-0309-03
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-0309-03 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to prompt for the user's password before running the specified command with the elevated group privileges. Various other issues have also been addressed in this advisory.
Tags: advisory sudo red red-hat-security sudoers security-advisory

7:41
Red Hat Security Advisory 2012-0309-03
» ‎ Packet Storm Security Misc. Files

Red Hat Security Advisory 2012-0309-03 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to prompt for the user's password before running the specified command with the elevated group privileges. Various other issues have also been addressed in this advisory.
Tags: advisory sudo red red-hat-security sudoers security-advisory

0:00
Vuln: Todd Miller Sudo Group ID Change Security Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Group ID Change Security Vulnerability
Tags: sudo miller todd security-vulnerability change-security todd-miller

January 31, 2012
21:19
Secunia Security Advisory 47743
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - joernchen has discovered a vulnerability in sudo, which can be exploited by malicious, local users to gain escalated privileges.
Tags: advisory secunia security security-advisory sudo

14:00
[dos / poc] - sudo 1.8.0 - 1.8.3p1 Format String Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - sudo 1.8.0 - 1.8.3p1 Format String Vulnerability
Tags: poc sudo format format-string

January 30, 2012
15:55
sudo 1.8.3p1 Format String
» ‎ Packet Storm Security Exploits

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.
Tags: sudo string format format-string escalation vulnerability

15:55
sudo 1.8.3p1 Format String
» ‎ Packet Storm Security Recent Files

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.
Tags: sudo string format format-string escalation vulnerability

15:55
sudo 1.8.3p1 Format String
» ‎ Packet Storm Security Misc. Files

sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.
Tags: sudo string format format-string escalation vulnerability

13:00
Bugtraq: Advisory: sudo 1.8 Format String Vulnerability
» ‎ SecurityFocus Vulnerabilities

Advisory: sudo 1.8 Format String Vulnerability
Tags: advisory sudo format format-string bugtraq
February 11, 2011
0:00
Vuln: Todd Miller Sudo Group ID Change Security Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Group ID Change Security Vulnerability
Tags: sudo miller todd security-vulnerability change-security todd-miller

February 01, 2011
14:30
Rotary dial authenticates sudo commands
» ‎ Hack a Day

[W1ndman] won’t win any security awards for this build, but it’s an interesting idea. On many Linux-based systems commands can be run with administrator privileges by prefacing them with the keyword ‘sudo’. Normally you’d be asked for a password but [W1ndman] used the Pluggable Authentication Modules (PAM) to authenticate via his own shell script. That script [...]
Tags: script sudo ndman pam pluggable-authentication-modules administrator-privileges shell-script linux hacks

January 25, 2011
0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

January 21, 2011
13:12
Mandriva Linux Security Advisory 2011-018
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2011-018 - A patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

13:12
Mandriva Linux Security Advisory 2011-018
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2011-018 - A patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

13:12
Mandriva Linux Security Advisory 2011-018
» ‎ Packet Storm Security Misc. Files

Mandriva Linux Security Advisory 2011-018 - A patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.
Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

13:00
Bugtraq: [ MDVSA-2011:018 ] sudo
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2011:018 ] sudo
Tags: bugtraq mdvsa sudo
0:00
Vuln: Todd Miller Sudo Group ID Change Security Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Group ID Change Security Vulnerability
Tags: sudo miller todd security-vulnerability change-security todd-miller
0:00
Vuln: Todd Miller Sudo 'Runas_Alias' Supplementary Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'Runas_Alias' Supplementary Group Local Privilege Escalation Vulnerability
Tags: sudo runas alias todd-miller privilege-escalation-vulnerability local-privilege-escalation
January 20, 2011
12:00
Bugtraq: [USN-1046-1] Sudo vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-1046-1] Sudo vulnerability
Tags: bugtraq sudo vulnerability usn

January 11, 2011
22:59
Secunia Security Advisory 42886
» ‎ Packet Storm Security Advisories

Secunia Security Advisory - A vulnerability has been discovered in Sudo, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Tags: advisory secunia security security-advisory sudo

January 05, 2011
7:00
Bugtraq: VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
» ‎ SecurityFocus Vulnerabilities

VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
Tags: vmware party esx party-updates openldap sudo
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
November 17, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation
November 12, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
November 11, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
November 03, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation
October 27, 2010
10:01
Bugtraq: rPSA-2010-0075-1 sudo
» ‎ SecurityFocus Vulnerabilities

rPSA-2010-0075-1 sudo
Tags: bugtraq sudo rpsa
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation
October 05, 2010
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
September 28, 2010
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
September 21, 2010
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
September 15, 2010
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
September 13, 2010
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

September 07, 2010
23:02
USN-983-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 983-1 - Markus Wuethrich discovered that sudo did not always verify the user when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group.
Tags: sudo group attacker markus-wuethrich wuethrich runas arbitrary-code

23:01
USN-983-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 983-1 - Markus Wuethrich discovered that sudo did not always verify the user when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that group.
Tags: sudo group attacker markus-wuethrich wuethrich runas arbitrary-code

9:00
Bugtraq: [USN-983-1] Sudo vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-983-1] Sudo vulnerability
Tags: bugtraq sudo vulnerability usn
8:00
Bugtraq: [ GLSA 201009-03 ] sudo: Privilege Escalation
» ‎ SecurityFocus Vulnerabilities

[ GLSA 201009-03 ] sudo: Privilege Escalation
Tags: sudo escalation glsa privilege
0:00
Vuln: Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo Runas Group Local Privilege Escalation Vulnerability
Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation
July 06, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
July 02, 2010
7:00
Bugtraq: [USN-956-1] sudo vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-956-1] sudo vulnerability
Tags: bugtraq sudo vulnerability usn

July 01, 2010
0:01
USN-956-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 956-1 - Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path (the default in Ubuntu). A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment variable.
Tags: sudo ubuntu environment anders-kaseorg evan-broder secure-path path-environment broder

0:00
USN-956-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 956-1 - Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path (the default in Ubuntu). A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment variable.
Tags: sudo ubuntu environment anders-kaseorg evan-broder secure-path path-environment broder

June 30, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
June 21, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability

June 17, 2010
22:01
dsa-2062-1.txt
» ‎ Packet Storm Security Advisories

Debian Linux Security Advisory 2062-1 - Anders Kaseorg and Evan Broder discovered a vulnerability in sudo, a program designed to allow a sysadmin to give limited root privileges to users, that allows a user with sudo permissions on certain programs to use those programs with an untrusted value of PATH. This could possibly lead to certain intended restrictions being bypassed, such as the secure_path setting.
Tags: sudo dsa path anders-kaseorg evan-broder root-privileges secure-path linux-security

9:00
Bugtraq: [ MDVSA-2010:118 ] sudo
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2010:118 ] sudo
Tags: bugtraq mdvsa sudo
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
June 16, 2010
0:00
Vuln: Todd Miller Sudo 'secure path' Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'secure path' Security Bypass Vulnerability
Tags: sudo path security todd-miller secure-path vulnerability
June 04, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
June 01, 2010
13:00
Bugtraq: [ GLSA 201006-09 ] sudo: Privilege escalation
» ‎ SecurityFocus Vulnerabilities

[ GLSA 201006-09 ] sudo: Privilege escalation
Tags: sudo escalation glsa privilege
0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation
May 10, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation
April 28, 2010
15:00
Bugtraq: [ MDVSA-2010:078-1 ] sudo
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2010:078-1 ] sudo
Tags: bugtraq mdvsa sudo
April 23, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

April 19, 2010
18:00
2010-02-sudo.txt
» ‎ Packet Storm Security Recent Files

sudoedit as found in sudo versions 1.7.2p5 and below fails to verify the path of the executable and therefore allows for an easy to exploit local privilege escalation vulnerability.
Tags: txt sudo sudoedit privilege-escalation-vulnerability local-privilege-escalation

18:00
2010-02-sudo.txt
» ‎ Packet Storm Security Exploits

sudoedit as found in sudo versions 1.7.2p5 and below fails to verify the path of the executable and therefore allows for an easy to exploit local privilege escalation vulnerability.
Tags: txt sudo sudoedit privilege-escalation-vulnerability local-privilege-escalation

0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation
April 16, 2010
8:00
Bugtraq: [USN-928-1] Sudo vulnerability
» ‎ SecurityFocus Vulnerabilities

[USN-928-1] Sudo vulnerability
Tags: bugtraq sudo vulnerability usn
April 15, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation
March 26, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

March 11, 2010
5:00
Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
March 10, 2010
15:00
Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
March 09, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
March 08, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

March 07, 2010
13:00
Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4
» ‎ 1337day (was: Inj3ct0r, 1337db)

Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4
Tags: sudo tod-miller

March 05, 2010
10:00
Bugtraq: Re: Todd Miller Sudo local root exploit discovered by Slouching
» ‎ SecurityFocus Vulnerabilities

Re: Todd Miller Sudo local root exploit discovered by Slouching
Tags: sudo slouching root todd-miller bugtraq
March 04, 2010
10:01
Bugtraq: Re: Re: Todd Miller Sudo local root exploit discovered by Slouching
» ‎ SecurityFocus Vulnerabilities

Re: Re: Todd Miller Sudo local root exploit discovered by Slouching
Tags: sudo slouching root todd-miller bugtraq

March 03, 2010
14:00
sudoedit-escalate.txt
» ‎ Packet Storm Security Recent Files

Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.
Tags: txt sudo sudoedit todd-miller root-exploit x-versions

14:00
sudoedit-escalate.txt
» ‎ Packet Storm Security Exploits

Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.
Tags: txt sudo sudoedit todd-miller root-exploit x-versions

14:00
Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 Exploit
Tags: sudo exploit tod-miller

13:00
Bugtraq: Re: Todd Miller Sudo local root exploit discovered by Slouching
» ‎ SecurityFocus Vulnerabilities

Re: Todd Miller Sudo local root exploit discovered by Slouching
Tags: sudo slouching root todd-miller bugtraq
10:00
Bugtraq: Re: Todd Miller Sudo local root exploit discovered by Slouching
» ‎ SecurityFocus Vulnerabilities

Re: Todd Miller Sudo local root exploit discovered by Slouching
Tags: sudo slouching root todd-miller bugtraq
10:00
Bugtraq: [ GLSA 201003-01 ] sudo: Privilege escalation
» ‎ SecurityFocus Vulnerabilities

[ GLSA 201003-01 ] sudo: Privilege escalation
Tags: sudo escalation glsa privilege

9:33
extracting rar files in backtrack
» ‎ remote-exploit & backtrack

How can i do this?

Is there such a program that can do this?

Of course the sudo apt-get command wont work (sudo apt-get install rar unrar)

I tried to install winrar but i get this error

Code: rar: /lib/libc.so.6: version `GLIBC_2.7' not found (required by rar)
Can anyone help?

Thanks.
Tags: sudo rar BackTrack extracting-rar-files unrar BackTrack General Support

0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
March 02, 2010
8:00
Bugtraq: [ MDVSA-2010:052 ] sudo
» ‎ SecurityFocus Vulnerabilities

[ MDVSA-2010:052 ] sudo
Tags: bugtraq mdvsa sudo
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation

March 01, 2010
16:00
MDVSA-2010-052.txt
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.
Tags: txt mdvsa sudo mandriva-linux sudo-command linux-security

16:00
MDVSA-2010-052.txt
» ‎ Packet Storm Security Advisories

Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.
Tags: txt mdvsa sudo mandriva-linux sudo-command linux-security

9:15
Bugtraq: [USN-905-1] sudo vulnerabilities
» ‎ SecurityFocus Vulnerabilities

[USN-905-1] sudo vulnerabilities
Tags: bugtraq sudo usn
0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation

February 26, 2010
18:00
USN-905-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 905-1 - It was discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. It was discovered that sudo did not reset group permissions when the 'runas_default' configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.
Tags: sudo ubuntu default default-account configuration-option group-permissions

18:00
USN-905-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 905-1 - It was discovered that sudo did not properly validate the path for the 'sudoedit' pseudo-command. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use sudoedit. The sudoedit pseudo-command is not used in the default installation of Ubuntu. It was discovered that sudo did not reset group permissions when the 'runas_default' configuration option was used. A local attacker could exploit this to escalate group privileges if sudo was configured to allow the attacker to run commands under the runas_default account. The runas_default configuration option is not used in the default installation of Ubuntu. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.
Tags: sudo ubuntu default default-account configuration-option group-permissions

0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
0:00
Vuln: Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'runas_default' Local Privilege Escalation Vulnerability
Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation
February 25, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation
February 23, 2010
0:00
Vuln: Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Todd Miller Sudo 'sudoedit' Local Privilege Escalation Vulnerability
Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

February 12, 2010
7:04
WEP 128 Bit Crack problem!!
» ‎ remote-exploit & backtrack

hi all
i tried to crack a friends WEP encrypted AP with airocrack-ng (command line , if any GUI exist plz let me know)
i use this command :

sudo airmon-ng start wlan0 5
sudo airodump-ng --ivs -w Erix -c 5 wlan0
sudo aireplay-ng -5 -b 00:00:00:00:00:00 -h 00:00:00:00:00:00 wlan0
sudo aireplay-ng -1 0 -e Torkanet -a 00:00:00:00:00:00 -h00:00:00:00:00:00 wlan0

(MAC addresses is diffrent but Ap is Torkanet :D & it is on channel 5)
this is when no clients present!
and this commands when we use a clients :

sudo airmon-ng start wlan0 5
sudo airodump-ng --ivs -w Erix -c 5 wlan0
sudo aireplay-ng -0 10 -a 00:00:00:00:00:00 -c 00:00:00:00:00:00 wlan0
sudo aireplay-ng -3 -b 00:00:00:00:00:00 -h 00:00:00:00:00:00 wlan0

the problem is when aircrack-ng gots packegs it said ".....still nothing tring another package" it done this over and over and over till i ran low on physical memory :D!! what should i do?
is our network secured enough?

and other silly question is :D on this command :
sudo aireplay-ng -5 -b 00:00:00:00:00:00 -h 00:00:00:00:00:00 wlan0

which MAC address is mine and which is for Ap? (the same question goes for -3 option!!)
by the way sry for my weak english!!:D
Tags: sudo command wlan mac physical-memory ivs mac-addresses Wireless
January 22, 2010
1:28
Red Alambrica e Inalambrica
» ‎ remote-exploit & backtrack

Saludos a todos quisiera saber si hay alguna manera de que cuando empieza backtrack 4 se auto detecten las tarjetas de Red, ya que cada ves que inicia tengo que arrancarlas manualmente con el comando sudo start-network saludos espero me puedan ayudar gracias...
Tags: alambrica inalambrica red BackTrack sudo Soporte Software
January 21, 2010
14:53
ARP Poisoning + DNS Spoof [Version sans Ettercap]
» ‎ remote-exploit & backtrack

Donc, une solution pour un arp poisoning et un dns spoof réussi sans Ettercap :
AVANT : Activez l'ip forwarding (dans un terminal root : "echo 1 > /proc/sys/net/ipv4/ip_forward")

1) Téléchargez le package dsniff :
Code: sudo apt-get install dsniff 2) Lancez arpspoof :
Code: sudo arpspoof -i eth0 -t IP_VICTIME IP_ROUTEUR et dans un autre shell :
Code: sudo arpspoof -i eth0 -t IP_ROUTEUR IP_VICTIME laissez tourner le tout...

3) Editez un fichier host dans votre répertoire user, exemple de ce que peut contenir ce fichier : Code: 192.168.1.25 microsoft.com 192.168.1.25 remote-exploit.org signifie que "microsoft.com" et "remote-exploit.org" seront redirigés vers l'IP "192.168.1.25".

4) Encore dans un autre shell, lancez la commande :
Code: dnsspoof -i eth0 -f host "host" correspondant au nom de votre fichier édité.

Enjoy ! :)

5) Facultatif mais booooon : lancez un serveur metasploit sur votre ip et redirigez la victime dessus ! :rolleyes:
Une vidéo ? J'arrive ;)
Tags: quot sudo code spoof-version remote-exploit fichier-host Tutoriaux howtos
January 19, 2010
23:26
Modprobe ndiswrapper FATAL error
» ‎ remote-exploit & backtrack

Hey guys, i'm running into an issue when trying to install the 1915:2234 or V1 WUSB54G. From the information provided on ndiswrapper's wiki, the WUSB54G should work with bt4, but i'm running into a problem after installing the WUSB54G drivers to ndiswrapper. When i go to load the drivers into memory i encounter the error.
Code: sudo modprobe ndiswrapper FATAL: Module ndiswrapper not found. after looking into the problem a bit, on the linuxquestions forum i found a slight solution (would post url if i could) i found out i might not have the right components for ndiswrapper, and they recommended to see if i had usbcore to, and after checking for usbcore, i received the same fatal warning but this time for usbcore

Code: sudo modprobe usbcore FATAL: Module usbcore not found. i'm still researching the problem, but with little success at this point. Anyone have any clue where i should be looking next?
Tags: modprobe ndiswrapper usbcore wusb54g-drivers bt4 sudo BackTrack Bugs and Fixes

jetlib.sec » Tags » sudo

Feeds

104 items tagged "sudo"

Tags: sudo security dsa

Tags: bugtraq mdvsa sudo

Tags: sudo list host todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo miller todd security-vulnerability change-security todd-miller

Tags: sudo miller todd security-vulnerability change-security todd-miller

Tags: path sudo debug todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: advisory sudo red red-hat-security sudoers security-advisory

Tags: advisory sudo red red-hat-security sudoers security-advisory

Tags: advisory sudo red red-hat-security sudoers security-advisory

Tags: sudo miller todd security-vulnerability change-security todd-miller

Tags: advisory secunia security security-advisory sudo

Tags: poc sudo format format-string

Tags: sudo string format format-string escalation vulnerability

Tags: sudo string format format-string escalation vulnerability

Tags: sudo string format format-string escalation vulnerability

Tags: advisory sudo format format-string bugtraq

Tags: sudo miller todd security-vulnerability change-security todd-miller

Tags: script sudo ndman pam pluggable-authentication-modules administrator-privileges shell-script linux hacks

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

Tags: group sudo command gain-root-privileges sudo-command mandriva-linux

Tags: bugtraq mdvsa sudo

Tags: sudo miller todd security-vulnerability change-security todd-miller

Tags: sudo runas alias todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: bugtraq sudo vulnerability usn

Tags: advisory secunia security security-advisory sudo

Tags: vmware party esx party-updates openldap sudo

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: bugtraq sudo rpsa

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo local default todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo group attacker markus-wuethrich wuethrich runas arbitrary-code

Tags: sudo group attacker markus-wuethrich wuethrich runas arbitrary-code

Tags: bugtraq sudo vulnerability usn

Tags: sudo escalation glsa privilege

Tags: group sudo runas todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo path security todd-miller secure-path vulnerability

Tags: bugtraq sudo vulnerability usn

Tags: sudo ubuntu environment anders-kaseorg evan-broder secure-path path-environment broder

Tags: sudo ubuntu environment anders-kaseorg evan-broder secure-path path-environment broder

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo dsa path anders-kaseorg evan-broder root-privileges secure-path linux-security

Tags: bugtraq mdvsa sudo

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo path security todd-miller secure-path vulnerability

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo escalation glsa privilege

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: bugtraq mdvsa sudo

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: txt sudo sudoedit privilege-escalation-vulnerability local-privilege-escalation

Tags: txt sudo sudoedit privilege-escalation-vulnerability local-privilege-escalation

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: bugtraq sudo vulnerability usn

Tags: path sudo sudoedit todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation

Tags: sudo sudoedit local todd-miller privilege-escalation-vulnerability local-privilege-escalation