Search criteria
11 vulnerabilities found for sudo by sudo
VAR-202101-1926
Vulnerability from variot - Updated: 2025-12-22 22:11Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges.CVE-2021-3156 AffectedCVE-2021-3156 Affected. Sensormatic Electronics Company ( Johnson Controls subsidiary) Illustra is a surveillance and security camera system. Illustra includes vulnerabilities related to boundary condition determination ( CWE-193 , CVE-2021-3156 ) exists.Installed in the product by a third party under certain conditions Linux Operating system administrator privileges can be obtained. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
For the stable distribution (buster), this problem has been fixed in version 1.8.27-1+deb10u3.
We recommend that you upgrade your sudo packages.
For the detailed security status of sudo please refer to its security tracker page at: https://security-tracker.debian.org/tracker/sudo
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAQWctfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qr2w/5AfAZMSbKestTzvm22w+T5yReGOd2jYXO2SzdqdkIzOVXJ83RrbogkiyK d1ie47Csw51M8L5eT/kf48vkABPqT9S0dlRI7rQ2xbIDWIUcDpnFNCSclSGjI+Sd HqtaQQbR+MdSjGtC8vc8RVEOEQcVvoXrqDPaEniWjA4uTV7Iqj0P3EpH1XolVlZv lw4ZZ+VdDolxhm1QWp/NiMKUlDpv5RLs6jW0oQAKP1RZqMIX44TSEHil/NEs6VeN u5AFUwo5iwYRCUbgi2mB0GxV4CRyb0IN26pGsltYJsReFL1vCMiO9drGMk/WhlqB NGKeF5rLsMKaJCkBEcMntDG1XtFhXuyak2O4atL7H8CwhBZ81Axe+aAynn7IB99B qx3GLfRNSVKHQHBHWEOxqILCS+xWmvL6/uB6xMaAh5CXxhEgs9BIEiPonccmkzQ9 xj6Uw/aWv9ZOUu+Rwmp+bG/V8DKaFKegaQAy0HnhOZ11ruJJB/YicTXSsbxoLSEt hbd0bYAOrZBqcysH8Ed+R2tGxtjoWIDLcv3uUqmttxgd8E5YpGGngaYBleGCnB0s X3JDyd1pvBu7H0vR5k2bVNgm4qQ27jHmeNKRSpvUZv50mRX8NQyv/rrROwkUsVdI 1EnlHYz0E4BUfb15ECWLfN9BM/MyPhkdKadIrrd+zJEwq+KVcHo= =d9gQ -----END PGP SIGNATURE----- . 7.3) - x86_64
- Summary:
Red Hat Ansible Automation Platform Resource Operator 1.2 (technical preview) images that fix several security issues. Description:
Red Hat Ansible Automation Platform Resource Operator container images with security fixes.
Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values
-
6 ELS) - i386, s390x, x86_64
-
These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Bug Fix(es):
- When performing an upgrade of the Red Hat Virtualization Host using the
command
yum update, the yum repository for RHV 4.3 EUS is unreachable
As a workaround, run the following command:
# yum update --releasever=7Server (BZ#1899378)
- Bugs fixed (https://bugzilla.redhat.com/):
1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker 1899378 - rhel-7-server-rhvh-4.3-eus-rpms repo is unavailable 1916111 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #3 1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
- This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. ========================================================================== Ubuntu Security Notice USN-4705-1 January 26, 2021
sudo vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Sudo. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156)
It was discovered that the Sudo sudoedit utility incorrectly handled checking directory permissions. A local attacker could possibly use this issue to bypass file permissions and determine if a directory exists or not. (CVE-2021-23239)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: sudo 1.9.1-1ubuntu1.1 sudo-ldap 1.9.1-1ubuntu1.1
Ubuntu 20.04 LTS: sudo 1.8.31-1ubuntu1.2 sudo-ldap 1.8.31-1ubuntu1.2
Ubuntu 18.04 LTS: sudo 1.8.21p2-3ubuntu1.4 sudo-ldap 1.8.21p2-3ubuntu1.4
Ubuntu 16.04 LTS: sudo 1.8.16-0ubuntu1.10 sudo-ldap 1.8.16-0ubuntu1.10
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: sudo security update Advisory ID: RHSA-2021:0223-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0223 Issue date: 2021-01-26 CVE Names: CVE-2021-3156 ==================================================================== 1. Summary:
An update for sudo is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
- Description:
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.
Security Fix(es):
- sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source: sudo-1.8.23-3.el7_6.2.src.rpm
x86_64: sudo-1.8.23-3.el7_6.2.x86_64.rpm sudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):
x86_64: sudo-debuginfo-1.8.23-3.el7_6.2.i686.rpm sudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm sudo-devel-1.8.23-3.el7_6.2.i686.rpm sudo-devel-1.8.23-3.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: sudo-1.8.23-3.el7_6.2.src.rpm
ppc64: sudo-1.8.23-3.el7_6.2.ppc64.rpm sudo-debuginfo-1.8.23-3.el7_6.2.ppc64.rpm
ppc64le: sudo-1.8.23-3.el7_6.2.ppc64le.rpm sudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm
s390x: sudo-1.8.23-3.el7_6.2.s390x.rpm sudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm
x86_64: sudo-1.8.23-3.el7_6.2.x86_64.rpm sudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: sudo-1.8.23-3.el7_6.2.src.rpm
aarch64: sudo-1.8.23-3.el7_6.2.aarch64.rpm sudo-debuginfo-1.8.23-3.el7_6.2.aarch64.rpm
ppc64le: sudo-1.8.23-3.el7_6.2.ppc64le.rpm sudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm
s390x: sudo-1.8.23-3.el7_6.2.s390x.rpm sudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.6):
ppc64: sudo-debuginfo-1.8.23-3.el7_6.2.ppc.rpm sudo-debuginfo-1.8.23-3.el7_6.2.ppc64.rpm sudo-devel-1.8.23-3.el7_6.2.ppc.rpm sudo-devel-1.8.23-3.el7_6.2.ppc64.rpm
ppc64le: sudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm sudo-devel-1.8.23-3.el7_6.2.ppc64le.rpm
s390x: sudo-debuginfo-1.8.23-3.el7_6.2.s390.rpm sudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm sudo-devel-1.8.23-3.el7_6.2.s390.rpm sudo-devel-1.8.23-3.el7_6.2.s390x.rpm
x86_64: sudo-debuginfo-1.8.23-3.el7_6.2.i686.rpm sudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm sudo-devel-1.8.23-3.el7_6.2.i686.rpm sudo-devel-1.8.23-3.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: sudo-debuginfo-1.8.23-3.el7_6.2.aarch64.rpm sudo-devel-1.8.23-3.el7_6.2.aarch64.rpm
ppc64le: sudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm sudo-devel-1.8.23-3.el7_6.2.ppc64le.rpm
s390x: sudo-debuginfo-1.8.23-3.el7_6.2.s390.rpm sudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm sudo-devel-1.8.23-3.el7_6.2.s390.rpm sudo-devel-1.8.23-3.el7_6.2.s390x.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-3156 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-002
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYBCATtzjgjWX9erEAQiDkQ/8CyCFW0G3itmCMGwXsP5atS6Tgqc4zwbC ofAgAgWoKKlwelFIMra1XlbcwSiqDKyxRvZVXiberbmvsecRShd7y29CMf75R2FO P7qGv5BY8BLX0zDwHHNTSCdX4EXoMi4OUUzmO4JEgys8Vc0QfLyEpQJbIPJaeE/C OI6niwwsSKeB06CjOpmHef/xoltdiCRkAJ84A3wBN8L603Lbl7Ou1PpomXFTmBpx 1ZI+vHe+rGXLMLYsJOyZSi87spHiXX7ZUwHwf3LOpQvIEP3tTU7QVykAsB2nIWIh VVqjPwOeK4wxM1xn2DtBAeBE1m3QG9xBirIQosAUqh8v7coWyy+kNZxxnFKS8v5F ZuQpsM2c0EbEcz7QL703in6m/1fG8oT6QI/K0PQvAQBlxt4XG0N1Shz1XfCa884z 0xF5C31bd8tDOuakZNPg7ePLXpaZtyn/CZ5kyWIaSkMV5J1vYZIHPyJpb83QecUr c9vjQgD49kz2FzwJkGPcWAeqjBVFrRbE7TJQ8IAzkM08x6XeKuLp8sXixzhXzboy 9TBb65s22fEiHlMCcqW62QJGELPDLSwVvjasnX0tzkSE5t6NYV6HDbHRYcHJEG2b BWwYRlTvgfK1sodYoCGs6IeJVD8nHIeflNgkn0WQIbOznJjmBjgXXGGdj0XPDDuD l3p+edOWn0U=GeG5 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-1926",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sudo",
"scope": "gte",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.0"
},
{
"model": "communications performance intelligence center",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.0.2.1"
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "micros es400",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "400"
},
{
"model": "communications performance intelligence center",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.0.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "10.0.4"
},
{
"model": "privilege management for mac",
"scope": "lt",
"trust": 1.0,
"vendor": "beyondtrust",
"version": "21.1.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "9.2.8"
},
{
"model": "micros es400",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "410"
},
{
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "communications performance intelligence center",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.3.0.0.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "sudo",
"scope": "lt",
"trust": 1.0,
"vendor": "sudo",
"version": "1.8.32"
},
{
"model": "micros kitchen display system",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "210"
},
{
"model": "privilege management for unix\\/linux",
"scope": "lt",
"trust": 1.0,
"vendor": "beyondtrust",
"version": "10.3.2-10"
},
{
"model": "sudo",
"scope": "lt",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.5"
},
{
"model": "tekelec platform distribution",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.4.0"
},
{
"model": "diskstation manager unified controller",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": "3.0"
},
{
"model": "micros compact workstation 3",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "310"
},
{
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.2.17"
},
{
"model": "micros workstation 6",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "610"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sudo",
"scope": "gte",
"trust": 1.0,
"vendor": "sudo",
"version": "1.8.2"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "tekelec platform distribution",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "7.7.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "sudo",
"version": "1.9.5"
},
{
"model": "ontap tools",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "9"
},
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "micros workstation 6",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "655"
},
{
"model": "communications performance intelligence center",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "10.4.0.1.0"
},
{
"model": "micros workstation 5a",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5a"
},
{
"model": "insight",
"scope": null,
"trust": 0.8,
"vendor": "sensormatic",
"version": null
},
{
"model": "flex gen 2",
"scope": null,
"trust": 0.8,
"vendor": "sensormatic",
"version": null
},
{
"model": "pro 2",
"scope": null,
"trust": 0.8,
"vendor": "sensormatic",
"version": null
},
{
"model": "pro gen 3",
"scope": "eq",
"trust": 0.8,
"vendor": "sensormatic",
"version": "v2.8.0 all previous s"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Timur Snoke.Statement Date:\u00a0\u00a0 February 15, 2021",
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
}
],
"trust": 0.8
},
"cve": "CVE-2021-3156",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-3156",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-383931",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2021-3156",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-002344",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-3156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-3156",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2021-002344",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-2221",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-383931",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-3156",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character. A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges.CVE-2021-3156 AffectedCVE-2021-3156 Affected. Sensormatic Electronics Company ( Johnson Controls subsidiary) Illustra is a surveillance and security camera system. Illustra includes vulnerabilities related to boundary condition determination ( CWE-193 , CVE-2021-3156 ) exists.Installed in the product by a third party under certain conditions Linux Operating system administrator privileges can be obtained. Any local user (sudoers and non-sudoers)\ncan exploit this flaw for root privilege escalation. \n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.8.27-1+deb10u3. \n\nWe recommend that you upgrade your sudo packages. \n\nFor the detailed security status of sudo please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/sudo\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAQWctfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Qr2w/5AfAZMSbKestTzvm22w+T5yReGOd2jYXO2SzdqdkIzOVXJ83RrbogkiyK\nd1ie47Csw51M8L5eT/kf48vkABPqT9S0dlRI7rQ2xbIDWIUcDpnFNCSclSGjI+Sd\nHqtaQQbR+MdSjGtC8vc8RVEOEQcVvoXrqDPaEniWjA4uTV7Iqj0P3EpH1XolVlZv\nlw4ZZ+VdDolxhm1QWp/NiMKUlDpv5RLs6jW0oQAKP1RZqMIX44TSEHil/NEs6VeN\nu5AFUwo5iwYRCUbgi2mB0GxV4CRyb0IN26pGsltYJsReFL1vCMiO9drGMk/WhlqB\nNGKeF5rLsMKaJCkBEcMntDG1XtFhXuyak2O4atL7H8CwhBZ81Axe+aAynn7IB99B\nqx3GLfRNSVKHQHBHWEOxqILCS+xWmvL6/uB6xMaAh5CXxhEgs9BIEiPonccmkzQ9\nxj6Uw/aWv9ZOUu+Rwmp+bG/V8DKaFKegaQAy0HnhOZ11ruJJB/YicTXSsbxoLSEt\nhbd0bYAOrZBqcysH8Ed+R2tGxtjoWIDLcv3uUqmttxgd8E5YpGGngaYBleGCnB0s\nX3JDyd1pvBu7H0vR5k2bVNgm4qQ27jHmeNKRSpvUZv50mRX8NQyv/rrROwkUsVdI\n1EnlHYz0E4BUfb15ECWLfN9BM/MyPhkdKadIrrd+zJEwq+KVcHo=\n=d9gQ\n-----END PGP SIGNATURE-----\n. 7.3) - x86_64\n\n3. Summary:\n\nRed Hat Ansible Automation Platform Resource Operator 1.2 (technical\npreview) images that fix several security issues. Description:\n\nRed Hat Ansible Automation Platform Resource Operator container images\nwith security fixes. \n\nAnsible Automation Platform manages Ansible Platform jobs and workflows\nthat can interface with any infrastructure on a Red Hat OpenShift Container\nPlatform cluster, or on a traditional infrastructure that is running\noff-cluster. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module\n1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values\n1916813 - CVE-2021-20191 ansible: multiple modules expose secured values\n1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option\n1939349 - CVE-2021-3447 ansible: multiple modules expose secured values\n\n5. 6 ELS) - i386, s390x, x86_64\n\n3. These packages include redhat-release-virtualization-host. \nRHVH features a Cockpit user interface for monitoring the host\u0027s resources\nand performing administrative tasks. \n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the\ncommand `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n1899378 - rhel-7-server-rhvh-4.3-eus-rpms repo is unavailable\n1916111 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #3\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n\n6. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. ==========================================================================\nUbuntu Security Notice USN-4705-1\nJanuary 26, 2021\n\nsudo vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Sudo. A local attacker could possibly use this issue to obtain unintended\naccess to the administrator account. (CVE-2021-3156)\n\nIt was discovered that the Sudo sudoedit utility incorrectly handled\nchecking directory permissions. A local attacker could possibly use this\nissue to bypass file permissions and determine if a directory exists or\nnot. (CVE-2021-23239)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n sudo 1.9.1-1ubuntu1.1\n sudo-ldap 1.9.1-1ubuntu1.1\n\nUbuntu 20.04 LTS:\n sudo 1.8.31-1ubuntu1.2\n sudo-ldap 1.8.31-1ubuntu1.2\n\nUbuntu 18.04 LTS:\n sudo 1.8.21p2-3ubuntu1.4\n sudo-ldap 1.8.21p2-3ubuntu1.4\n\nUbuntu 16.04 LTS:\n sudo 1.8.16-0ubuntu1.10\n sudo-ldap 1.8.16-0ubuntu1.10\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: sudo security update\nAdvisory ID: RHSA-2021:0223-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0223\nIssue date: 2021-01-26\nCVE Names: CVE-2021-3156\n====================================================================\n1. Summary:\n\nAn update for sudo is now available for Red Hat Enterprise Linux 7.6\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nThe sudo packages contain the sudo utility which allows system\nadministrators to provide certain users with the permission to execute\nprivileged commands, which are used for system management purposes, without\nhaving to log in as root. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6):\n\nSource:\nsudo-1.8.23-3.el7_6.2.src.rpm\n\nx86_64:\nsudo-1.8.23-3.el7_6.2.x86_64.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):\n\nx86_64:\nsudo-debuginfo-1.8.23-3.el7_6.2.i686.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm\nsudo-devel-1.8.23-3.el7_6.2.i686.rpm\nsudo-devel-1.8.23-3.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nsudo-1.8.23-3.el7_6.2.src.rpm\n\nppc64:\nsudo-1.8.23-3.el7_6.2.ppc64.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64.rpm\n\nppc64le:\nsudo-1.8.23-3.el7_6.2.ppc64le.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm\n\ns390x:\nsudo-1.8.23-3.el7_6.2.s390x.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm\n\nx86_64:\nsudo-1.8.23-3.el7_6.2.x86_64.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nsudo-1.8.23-3.el7_6.2.src.rpm\n\naarch64:\nsudo-1.8.23-3.el7_6.2.aarch64.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.aarch64.rpm\n\nppc64le:\nsudo-1.8.23-3.el7_6.2.ppc64le.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm\n\ns390x:\nsudo-1.8.23-3.el7_6.2.s390x.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6):\n\nppc64:\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64.rpm\nsudo-devel-1.8.23-3.el7_6.2.ppc.rpm\nsudo-devel-1.8.23-3.el7_6.2.ppc64.rpm\n\nppc64le:\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm\nsudo-devel-1.8.23-3.el7_6.2.ppc64le.rpm\n\ns390x:\nsudo-debuginfo-1.8.23-3.el7_6.2.s390.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm\nsudo-devel-1.8.23-3.el7_6.2.s390.rpm\nsudo-devel-1.8.23-3.el7_6.2.s390x.rpm\n\nx86_64:\nsudo-debuginfo-1.8.23-3.el7_6.2.i686.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.x86_64.rpm\nsudo-devel-1.8.23-3.el7_6.2.i686.rpm\nsudo-devel-1.8.23-3.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\naarch64:\nsudo-debuginfo-1.8.23-3.el7_6.2.aarch64.rpm\nsudo-devel-1.8.23-3.el7_6.2.aarch64.rpm\n\nppc64le:\nsudo-debuginfo-1.8.23-3.el7_6.2.ppc64le.rpm\nsudo-devel-1.8.23-3.el7_6.2.ppc64le.rpm\n\ns390x:\nsudo-debuginfo-1.8.23-3.el7_6.2.s390.rpm\nsudo-debuginfo-1.8.23-3.el7_6.2.s390x.rpm\nsudo-devel-1.8.23-3.el7_6.2.s390.rpm\nsudo-devel-1.8.23-3.el7_6.2.s390x.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3156\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-002\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYBCATtzjgjWX9erEAQiDkQ/8CyCFW0G3itmCMGwXsP5atS6Tgqc4zwbC\nofAgAgWoKKlwelFIMra1XlbcwSiqDKyxRvZVXiberbmvsecRShd7y29CMf75R2FO\nP7qGv5BY8BLX0zDwHHNTSCdX4EXoMi4OUUzmO4JEgys8Vc0QfLyEpQJbIPJaeE/C\nOI6niwwsSKeB06CjOpmHef/xoltdiCRkAJ84A3wBN8L603Lbl7Ou1PpomXFTmBpx\n1ZI+vHe+rGXLMLYsJOyZSi87spHiXX7ZUwHwf3LOpQvIEP3tTU7QVykAsB2nIWIh\nVVqjPwOeK4wxM1xn2DtBAeBE1m3QG9xBirIQosAUqh8v7coWyy+kNZxxnFKS8v5F\nZuQpsM2c0EbEcz7QL703in6m/1fG8oT6QI/K0PQvAQBlxt4XG0N1Shz1XfCa884z\n0xF5C31bd8tDOuakZNPg7ePLXpaZtyn/CZ5kyWIaSkMV5J1vYZIHPyJpb83QecUr\nc9vjQgD49kz2FzwJkGPcWAeqjBVFrRbE7TJQ8IAzkM08x6XeKuLp8sXixzhXzboy\n9TBb65s22fEiHlMCcqW62QJGELPDLSwVvjasnX0tzkSE5t6NYV6HDbHRYcHJEG2b\nBWwYRlTvgfK1sodYoCGs6IeJVD8nHIeflNgkn0WQIbOznJjmBjgXXGGdj0XPDDuD\nl3p+edOWn0U=GeG5\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3156"
},
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161272"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161135"
},
{
"db": "PACKETSTORM",
"id": "161145"
}
],
"trust": 3.24
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-383931",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-3156",
"trust": 5.0
},
{
"db": "CERT/CC",
"id": "VU#794544",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "161230",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "161160",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "161270",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "161293",
"trust": 1.7
},
{
"db": "MCAFEE",
"id": "SB10348",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/27/2",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/26/3",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/02/15/1",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/01/27/1",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/09/14/2",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-256-01",
"trust": 1.4
},
{
"db": "ICS CERT",
"id": "ICSA-21-245-01",
"trust": 1.4
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/01/30/6",
"trust": 1.0
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/01/30/8",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "176932",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "161163",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "161135",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96493147",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96372273",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90511416",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "161281",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "162961",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1815",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1216",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4571",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2604",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1330",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0609",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1012",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0293",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0281",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0329",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2984",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1651",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0467",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0329.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4036",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1207",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-147-02",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-334-04",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-119-03",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-133-02",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021051402",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052804",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021092209",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072732",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021120103",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021090304",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021122914",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "49522",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161141",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161272",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161139",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161145",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "161143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161152",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161142",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161398",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161137",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-99117",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-383931",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-3156",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168983",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "162142",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161272"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161135"
},
{
"db": "PACKETSTORM",
"id": "161145"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"id": "VAR-202101-1926",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
}
],
"trust": 0.01
},
"last_update_date": "2025-12-22T22:11:15.713000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Product\u00a0Security\u00a0Advisory\u00a0|\u00a0JCI-PSA-2021-13 (( PDF )",
"trust": 0.8,
"url": "https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2021/jci-psa-2021-13.pdf?la=en\u0026hash=FC6A4C7293ABA5697AC763F92E4256CA4F3D7B1D"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210227 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210221 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210225 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210224 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210222 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210226 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210218 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210223 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210219 - Security Advisory"
},
{
"title": "Red Hat: Important: sudo security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210220 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-4839-1 sudo -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=e39766a043b3a0185adba1c80532d955"
},
{
"title": "Red Hat: Important: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210395 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20210401 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1478",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1478"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1590",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1590"
},
{
"title": "Cisco: Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sudo-privesc-jan2021-qnYQfcM"
},
{
"title": "TA-Samedit",
"trust": 0.1,
"url": "https://github.com/stressboi/TA-Samedit "
},
{
"title": "ScannerCVE-2021-3156",
"trust": 0.1,
"url": "https://github.com/SantiagoSerrao/ScannerCVE-2021-3156 "
},
{
"title": "T\u00c3\u00adtulo del Proyecto",
"trust": 0.1,
"url": "https://github.com/lmol/CVE-2021-3156 "
},
{
"title": "CVE-2021-3156",
"trust": 0.1,
"url": "https://github.com/reverse-ex/CVE-2021-3156 "
},
{
"title": "LinuxDocLinks",
"trust": 0.1,
"url": "https://github.com/neolin-ms/LinuxDocLinks "
},
{
"title": "Baron-Samedit",
"trust": 0.1,
"url": "https://github.com/AbdullahRizwan101/Baron-Samedit "
},
{
"title": "CVE-2021-3156",
"trust": 0.1,
"url": "https://github.com/ph4ntonn/CVE-2021-3156 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-193",
"trust": 1.1
},
{
"problemtype": "Determination of boundary conditions (CWE-193) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openwall.com/lists/oss-security/2021/01/26/3"
},
{
"trust": 2.3,
"url": "https://www.kb.cert.org/vuls/id/794544"
},
{
"trust": 2.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sudo-privesc-jan2021-qnyqfcm"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/161160/sudo-heap-based-buffer-overflow.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/161230/sudo-buffer-overflow-privilege-escalation.html"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/161293/sudo-1.8.31p2-1.9.5p1-buffer-overflow.html"
},
{
"trust": 2.3,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3156"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210128-0001/"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210128-0002/"
},
{
"trust": 1.7,
"url": "https://support.apple.com/kb/ht212177"
},
{
"trust": 1.7,
"url": "https://www.sudo.ws/stable.html#1.9.5p2"
},
{
"trust": 1.7,
"url": "https://www.synology.com/security/advisory/synology_sa_21_02"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2021/dsa-4839"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2021/jan/79"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2021/feb/42"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202101-33"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/161270/sudo-1.9.5p1-buffer-overflow-privilege-escalation.html"
},
{
"trust": 1.7,
"url": "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability"
},
{
"trust": 1.7,
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/01/27/2"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/02/15/1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"
},
{
"trust": 1.6,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10348"
},
{
"trust": 1.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-245-01"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3156"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2024/feb/3"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"trust": 1.0,
"url": "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-heap-based-buffer-overflow.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2021-3156"
},
{
"trust": 0.8,
"url": "cve-2021-3156 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu96372273"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96493147/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90511416/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-01"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6455281"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sudo-buffer-overflow-via-command-unescaping-backslashes-34414"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021051402"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-133-02"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0329/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1207"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1330"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162961/heap-based-overflow-vulnerability-in-sudo.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2984"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1012"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1651"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4571"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052804"
},
{
"trust": 0.6,
"url": "https://www.oracle.com/security-alerts/cpujul2021.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-4/"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/49522"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0329.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0609"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-119-03"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1216"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072732"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1815"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0293/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-147-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021120103"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0281/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-334-04"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161281/red-hat-security-advisory-2021-0401-01.html"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20210310-01-escalation-cn"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-sudo-as-used-by-ibm-qradar-siem-is-vulnerable-to-arbitrary-code-execution/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021090304"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht212177"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210210-01-sudo-cn"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-the-linux-kernel-samba-sudo-python-and-tcmu-runner-affect-ibm-spectrum-protect-plus/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161163/ubuntu-security-notice-usn-4705-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021092209"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-6/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161135/ubuntu-security-notice-usn-4705-1.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021122914"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0467"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-256-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4036"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-5/"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-002"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4705-1"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10348"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/sudo"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0225"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17006"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20907"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1079"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5188"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8625"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-12652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12401"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12402"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14866"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17006"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17546"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12401"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17546"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17023"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12243"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-6829"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14866"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12400"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20388"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11756"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11756"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12243"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12400"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5313"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20191"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11727"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1971"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11719"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5094"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11727"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5188"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15903"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19956"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-5313"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17498"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17498"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14422"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12402"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/2974891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0395"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4705-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sudo/1.8.31-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23239"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sudo/1.9.1-1ubuntu1.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sudo/1.8.16-0ubuntu1.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/sudo/1.8.21p2-3ubuntu1.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0223"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161272"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161135"
},
{
"db": "PACKETSTORM",
"id": "161145"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#794544"
},
{
"db": "VULHUB",
"id": "VHN-383931"
},
{
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161139"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "161141"
},
{
"db": "PACKETSTORM",
"id": "161272"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161135"
},
{
"db": "PACKETSTORM",
"id": "161145"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-04T00:00:00",
"db": "CERT/CC",
"id": "VU#794544"
},
{
"date": "2021-01-26T00:00:00",
"db": "VULHUB",
"id": "VHN-383931"
},
{
"date": "2021-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"date": "2021-01-28T20:12:00",
"db": "PACKETSTORM",
"id": "168983"
},
{
"date": "2021-01-27T14:06:12",
"db": "PACKETSTORM",
"id": "161139"
},
{
"date": "2021-04-09T15:06:13",
"db": "PACKETSTORM",
"id": "162142"
},
{
"date": "2021-01-27T14:06:28",
"db": "PACKETSTORM",
"id": "161141"
},
{
"date": "2021-02-03T16:22:29",
"db": "PACKETSTORM",
"id": "161272"
},
{
"date": "2021-01-28T13:59:34",
"db": "PACKETSTORM",
"id": "161163"
},
{
"date": "2021-01-27T14:05:32",
"db": "PACKETSTORM",
"id": "161135"
},
{
"date": "2021-01-27T14:07:05",
"db": "PACKETSTORM",
"id": "161145"
},
{
"date": "2021-01-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"date": "2021-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"date": "2021-01-26T21:15:12.987000",
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-26T00:00:00",
"db": "CERT/CC",
"id": "VU#794544"
},
{
"date": "2022-09-03T00:00:00",
"db": "VULHUB",
"id": "VHN-383931"
},
{
"date": "2024-02-04T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3156"
},
{
"date": "2022-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-2221"
},
{
"date": "2022-09-15T05:47:00",
"db": "JVNDB",
"id": "JVNDB-2021-002344"
},
{
"date": "2025-11-10T14:41:45.053000",
"db": "NVD",
"id": "CVE-2021-3156"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "168983"
},
{
"db": "PACKETSTORM",
"id": "161163"
},
{
"db": "PACKETSTORM",
"id": "161135"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sudo set_cmd() is vulnerable to heap-based buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#794544"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-2221"
}
],
"trust": 0.6
}
}
CERTFR-2023-AVI-0043
Vulnerability from certfr_avis - Published: 2023-01-20 - Updated: 2023-01-20
Une vulnérabilité a été découverte dans sudo. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité et une élévation de privilèges.
La vulnérabilité est induite par un manquement dans la vérification de l'argument paramétrant l'éditeur texte de l'utilisateur.
Solution
La vulnérabilité est corrigée dans la version sudo 1.9.12p2. Le déploiement de ce correctif sera réalisé selon le rythme de cycle de mise à jour de sécurité de chaque distribution. Il est conseillé de se référer aux bulletins de sécurité des éditeurs de distribution Unix, Linux et Mac.
La mise à jour d'un produit ou d'un logiciel est une opération délicate qui doit être menée avec prudence. Il est notamment recommander d'effectuer des tests autant que possible. Des dispositions doivent également être prises pour garantir la continuité de service en cas de difficultés lors de l'application des mises à jour comme des correctifs ou des changements de version.
Contournement provisoire
Il est possible d'empêcher l'utilisation d'un éditeur de texte spécifié par l'utilisateur lors de l'exécution de commande sudoedit en ajoutant les lignes suivantes dans le fichier sudoers :
Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des détails sur la correction (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sudo versions 1.8.x et 1.9.x ant\u00e9rieures \u00e0 1.9.12p2",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nLa vuln\u00e9rabilit\u00e9 est corrig\u00e9e dans la version sudo 1.9.12p2. Le\nd\u00e9ploiement de ce correctif sera r\u00e9alis\u00e9 selon le rythme de cycle de\nmise \u00e0 jour de s\u00e9curit\u00e9 de chaque distribution. Il est conseill\u00e9 de se\nr\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs de distribution Unix,\nLinux et Mac.\n\nLa mise \u00e0\u00a0jour d\u0027un produit ou d\u0027un logiciel est une op\u00e9ration d\u00e9licate\nqui doit \u00eatre men\u00e9e avec prudence. Il est notamment recommander\nd\u0027effectuer des tests autant que possible. Des dispositions doivent\n\u00e9galement \u00eatre prises pour garantir la continuit\u00e9 de service en cas de\ndifficult\u00e9s lors de l\u0027application des mises \u00e0 jour comme des correctifs\nou des changements de version.\n\n## Contournement provisoire\n\nIl est possible d\u0027emp\u00eacher l\u0027utilisation d\u0027un \u00e9diteur de texte sp\u00e9cifi\u00e9\npar l\u0027utilisateur lors de l\u0027ex\u00e9cution de commande *sudoedit* en ajoutant\nles lignes suivantes dans le fichier *sudoers* :\n\n`Defaults!sudoedit env_delete+=\"SUDO_EDITOR VISUAL EDITOR\"`\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\nd\u00e9tails sur la correction (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
}
],
"initial_release_date": "2023-01-20T00:00:00",
"last_revision_date": "2023-01-20T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0043",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-01-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans sudo. Elle permet \u00e0 un attaquant\nde provoquer un contournement de la politique de s\u00e9curit\u00e9 et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n\nLa vuln\u00e9rabilit\u00e9 est induite par un manquement dans la v\u00e9rification de\nl\u0027argument param\u00e9trant l\u0027\u00e9diteur texte de l\u0027utilisateur.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Sudo",
"vendor_advisories": [
{
"published_at": "2023-01-18",
"title": "Bulletin de s\u00e9curit\u00e9 Sudo",
"url": "https://www.sudo.ws/security/advisories/sudoedit_any/"
}
]
}
CERTFR-2021-AVI-063
Vulnerability from certfr_avis - Published: 2021-01-27 - Updated: 2021-01-27
Une vulnérabilité a été découverte dans Sudo. Elle permet à un attaquant de provoquer une élévation de privilèges. Les différents éditeurs de distributions Linux ont déjà publié des correctifs.
Solution
Il est recommandé d'utiliser la mise à jour de sécurité fournie par les éditeurs des distributions Linux.
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "les versions de Sudo fournies par les \u00e9diteurs de distribution Linux sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
},
{
"description": "Sudo versions ant\u00e9rieures \u00e0 1.9.5p2",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\n**Il est recommand\u00e9 d\u0027utiliser la mise \u00e0 jour de s\u00e9curit\u00e9 fournie par\nles \u00e9diteurs des distributions Linux.**\n",
"cves": [
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
}
],
"initial_release_date": "2021-01-27T00:00:00",
"last_revision_date": "2021-01-27T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-063",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-27T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Sudo. Elle permet \u00e0 un attaquant\nde provoquer une \u00e9l\u00e9vation de privil\u00e8ges. Les diff\u00e9rents \u00e9diteurs de\ndistributions Linux ont d\u00e9j\u00e0 publi\u00e9 des correctifs.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Sudo",
"vendor_advisories": [
{
"published_at": "2021-01-26",
"title": "Bulletin de s\u00e9curit\u00e9 Sudo",
"url": "https://www.sudo.ws/alerts/unescape_overflow.html"
}
]
}
CERTA-2011-AVI-013
Vulnerability from certfr_avis - Published: 2011-01-14 - Updated: 2012-03-07
Une vulnérabilité dans la commande sudo permet à un utilisateur malveillant d'élever ses privilèges.
Description
La commande sudo a été enrichie d'une fonction de changement de groupe lors du passage à la version 1.7.0. Dans certaines configurations, un utilisateur malveillant peut acquérir sans vérification les droits assignés à un groupe dont il n'est pas membre.
Solution
La version 1.7.4p5 remédie à ce problème.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "sudo 1.7.0 \u00e0 1.7.4p4.",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Description\n\nLa commande sudo a \u00e9t\u00e9 enrichie d\u0027une fonction de changement de groupe\nlors du passage \u00e0 la version 1.7.0. Dans certaines configurations, un\nutilisateur malveillant peut acqu\u00e9rir sans v\u00e9rification les droits\nassign\u00e9s \u00e0 un groupe dont il n\u0027est pas membre.\n\n## Solution\n\nLa version 1.7.4p5 rem\u00e9die \u00e0 ce probl\u00e8me.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0010"
}
],
"initial_release_date": "2011-01-14T00:00:00",
"last_revision_date": "2012-03-07T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 201203-06 du 06 mars 2012 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201203-06.xml"
}
],
"reference": "CERTA-2011-AVI-013",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-01-14T00:00:00.000000"
},
{
"description": "ajout du bulletinde s\u00e9curit\u00e9 Gentoo.",
"revision_date": "2012-03-07T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans la commande \u003cspan class=\"textit\"\u003esudo\u003c/span\u003e\npermet \u00e0 un utilisateur malveillant d\u0027\u00e9lever ses privil\u00e8ges.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans sudo",
"vendor_advisories": [
{
"published_at": "2011-01-12",
"title": "Bulletin de s\u00e9curit\u00e9 sudo",
"url": "http://www.sudo.ws/sudo/alerts/runas_group_pw.html"
}
]
}
CERTA-2010-AVI-299
Vulnerability from certfr_avis - Published: 2010-07-02 - Updated: 2010-07-02
Une vulnérabilité de sudo permet à un utilisateur malveillant d'élever ses privilèges.
Description
Lorsque le programme sudo est utilisé avec l'option secure path, un utilisateur malveillant peut exécuter des commandes qui ne lui sont pas autorisées en manipulant la variable PATH.
Solution
Les version 1.6.9p23 et 1.7.2p7 remédient à ce problème.
Se référer aux bulletins de sécurité des éditeurs pour l'obtention des correctifs (cf. section Documentation).
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "sudo, version 1.x.",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Description\n\nLorsque le programme sudo est utilis\u00e9 avec l\u0027option secure path, un\nutilisateur malveillant peut ex\u00e9cuter des commandes qui ne lui sont pas\nautoris\u00e9es en manipulant la variable PATH.\n\n## Solution\n\nLes version 1.6.9p23 et 1.7.2p7 rem\u00e9dient \u00e0 ce probl\u00e8me.\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1646"
}
],
"initial_release_date": "2010-07-02T00:00:00",
"last_revision_date": "2010-07-02T00:00:00",
"links": [
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora FEDORA-2010-9417 du 21 juin 2010 :",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2010:118 du 17 juin 2010 :",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:118"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora FEDORA-2010-9402 du 14 juin 2010 :",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 2062 du 17 juin 2010 :",
"url": "http://www.debian.org/security/2010/dsa-2062"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-956-1 du 30 juin 2010 :",
"url": "http://www.ubuntulinux.org/usn/usn-956-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0475 du 15 juin 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0475.html"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora FEDORA-2010-9415 du 21 juin 2010 :",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html"
}
],
"reference": "CERTA-2010-AVI-299",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-07-02T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 de \u003cspan class=\"textit\"\u003esudo\u003c/span\u003e permet \u00e0 un\nutilisateur malveillant d\u0027\u00e9lever ses privil\u00e8ges.\n",
"title": "Vuln\u00e9rabilit\u00e9 de sudo",
"vendor_advisories": [
{
"published_at": "2010-06-02",
"title": "Bulletin de s\u00e9curit\u00e9 du projet sudo",
"url": "http://www.sudo.ws/sudo/alerts/secure_path.html"
}
]
}
CERTA-2010-AVI-095
Vulnerability from certfr_avis - Published: 2010-03-01 - Updated: 2010-03-01
Une vulnérabilité dans Sudo permet à une personne malintentionnée de contourner la politique de sécurité.
Description
Une vulnérabilité dans la commande Sudo permet à un utilisateur, ayant la permission d'utiliser l'option « -e » (sudoedit), d'exécuter des commandes arbitraires.
Solution
Mettre à jour Sudo dans sa dernière version stable (cf. section Documentation).
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sudo versions 1.6.9 \u00e0 1.7.2p3.",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la commande Sudo permet \u00e0 un utilisateur, ayant\nla permission d\u0027utiliser l\u0027option \u00ab -e \u00bb (sudoedit), d\u0027ex\u00e9cuter des\ncommandes arbitraires.\n\n## Solution\n\nMettre \u00e0 jour Sudo dans sa derni\u00e8re version stable (cf. section\nDocumentation).\n",
"cves": [],
"initial_release_date": "2010-03-01T00:00:00",
"last_revision_date": "2010-03-01T00:00:00",
"links": [
{
"title": "Page de t\u00e9l\u00e9chargement de la derni\u00e8re version stable de Sudo :",
"url": "http://www.sudo.ws/sudo/stable.html"
}
],
"reference": "CERTA-2010-AVI-095",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-03-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans Sudo permet \u00e0 une personne malintentionn\u00e9e de\ncontourner la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Sudo",
"vendor_advisories": [
{
"published_at": "2010-02-22",
"title": "Bulletin de s\u00e9curit\u00e9 Sudo",
"url": "https://www.sudo.ws/security/advisories/sudoedit_escalate/"
}
]
}
CERTA-2004-AVI-371
Vulnerability from certfr_avis - Published: 2004-11-19 - Updated: 2004-11-24
sudo est un utilitaire qui permet d'accorder des droits
d'administration à des utilisateurs non privilégiés du système. Une
vulnérabilité dans l'utilisation de variables d'environnement par sudo
permet à un utilisateur local mal intentionné d'exécuter du code
arbitraire afin d'élever ses privilèges.
Solution
Mettre à jour l'utilitaire sudo avec la version 1.6.8p2 disponible sur
le site suivant :
http://www.sudo.ws
Impacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Versions de sudo ant\u00e9rieures \u00e0 la version 1.6.8p2.",
"product": {
"name": "Sudo",
"vendor": {
"name": "Sudo",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nMettre \u00e0 jour l\u0027utilitaire `sudo` avec la version 1.6.8p2 disponible sur\nle site suivant :\n\n http://www.sudo.ws\n",
"cves": [],
"initial_release_date": "2004-11-19T00:00:00",
"last_revision_date": "2004-11-24T00:00:00",
"links": [
{
"title": "R\u00e9f\u00e9rence CVE CAN-2004-1051 :",
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1051"
},
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 du paquetage NetBSD sudo :",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/sudo/README.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 FreeBSD pour sudo du 11 novembre 2004 :",
"url": "http://www.vuxml.org/freebsd/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandrake MDKSA-2004:133 du 15 novembre 2004 :",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:133"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-596 du 24 novembre 2004 :",
"url": "http://www.debian.org/security/2004/dsa-596"
}
],
"reference": "CERTA-2004-AVI-371",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2004-11-19T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Mandrake, FreeBSD et NetBSD.",
"revision_date": "2004-11-22T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian.",
"revision_date": "2004-11-24T00:00:00.000000"
}
],
"risks": [
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "`sudo` est un utilitaire qui permet d\u0027accorder des droits\nd\u0027administration \u00e0 des utilisateurs non privil\u00e9gi\u00e9s du syst\u00e8me. Une\nvuln\u00e9rabilit\u00e9 dans l\u0027utilisation de variables d\u0027environnement par `sudo`\npermet \u00e0 un utilisateur local mal intentionn\u00e9 d\u0027ex\u00e9cuter du code\narbitraire afin d\u0027\u00e9lever ses privil\u00e8ges.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans l\u0027utilitaire sudo",
"vendor_advisories": [
{
"published_at": "2004-11-11",
"title": "Bulletin de s\u00e9curit\u00e9 sudo",
"url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
}
]
}
CVE-2019-19234 (GCVE-0-2019-19234)
Vulnerability from nvd – Published: 2019-12-19 20:35 – Updated: 2024-08-05 02:09 Disputed
VLAI?
Summary
In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T13:02:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sudo.ws/stable.html",
"refsource": "MISC",
"url": "https://www.sudo.ws/stable.html"
},
{
"name": "https://www.sudo.ws/devel.html#1.8.30b2",
"refsource": "CONFIRM",
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"name": "https://www.tenable.com/plugins/nessus/132985",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234",
"refsource": "CONFIRM",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"name": "https://www.suse.com/security/cve/CVE-2019-19234/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
"refsource": "MISC",
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"name": "https://access.redhat.com/security/cve/cve-2019-19234",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19234",
"datePublished": "2019-12-19T20:35:02",
"dateReserved": "2019-11-22T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19232 (GCVE-0-2019-19232)
Vulnerability from nvd – Published: 2019-12-19 20:37 – Updated: 2024-08-05 02:09 Disputed
VLAI?
Summary
In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T13:02:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sudo.ws/stable.html",
"refsource": "MISC",
"url": "https://www.sudo.ws/stable.html"
},
{
"name": "https://www.sudo.ws/devel.html#1.8.30b2",
"refsource": "CONFIRM",
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
"refsource": "MISC",
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232",
"refsource": "CONFIRM",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"name": "https://access.redhat.com/security/cve/cve-2019-19232",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"name": "https://support.apple.com/kb/HT211100",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"name": "https://support.apple.com/en-gb/HT211100",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"name": "https://www.tenable.com/plugins/nessus/133936",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19232",
"datePublished": "2019-12-19T20:37:09",
"dateReserved": "2019-11-22T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19232 (GCVE-0-2019-19232)
Vulnerability from cvelistv5 – Published: 2019-12-19 20:37 – Updated: 2024-08-05 02:09 Disputed
VLAI?
Summary
In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T13:02:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sudo.ws/stable.html",
"refsource": "MISC",
"url": "https://www.sudo.ws/stable.html"
},
{
"name": "https://www.sudo.ws/devel.html#1.8.30b2",
"refsource": "CONFIRM",
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
"refsource": "MISC",
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232",
"refsource": "CONFIRM",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
},
{
"name": "https://access.redhat.com/security/cve/cve-2019-19232",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2019-19232"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"name": "https://support.apple.com/kb/HT211100",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT211100"
},
{
"name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Mar/31"
},
{
"name": "https://support.apple.com/en-gb/HT211100",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-gb/HT211100"
},
{
"name": "https://www.tenable.com/plugins/nessus/133936",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/133936"
},
{
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19232",
"datePublished": "2019-12-19T20:37:09",
"dateReserved": "2019-11-22T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19234 (GCVE-0-2019-19234)
Vulnerability from cvelistv5 – Published: 2019-12-19 20:35 – Updated: 2024-08-05 02:09 Disputed
VLAI?
Summary
In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T13:02:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sudo.ws/stable.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blocked user. NOTE: The software maintainer believes that this CVE is not valid. Disabling local password authentication for a user is not the same as disabling all access to that user--the user may still be able to login via other means (ssh key, kerberos, etc). Both the Linux shadow(5) and passwd(1) manuals are clear on this. Indeed it is a valid use case to have local accounts that are _only_ accessible via sudo and that cannot be logged into with a password. Sudo 1.8.30 added an optional setting to check the _shell_ of the target user (not the encrypted password!) against the contents of /etc/shells but that is not the same thing as preventing access to users with an invalid password hash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sudo.ws/stable.html",
"refsource": "MISC",
"url": "https://www.sudo.ws/stable.html"
},
{
"name": "https://www.sudo.ws/devel.html#1.8.30b2",
"refsource": "CONFIRM",
"url": "https://www.sudo.ws/devel.html#1.8.30b2"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5505"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58104"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58473"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58772"
},
{
"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748",
"refsource": "MISC",
"url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs60748"
},
{
"name": "https://www.tenable.com/plugins/nessus/132985",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/132985"
},
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1019-3816"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234",
"refsource": "CONFIRM",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19234"
},
{
"name": "https://www.suse.com/security/cve/CVE-2019-19234/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2019-19234/"
},
{
"name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
"refsource": "MISC",
"url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
},
{
"name": "https://access.redhat.com/security/cve/cve-2019-19234",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2019-19234"
},
{
"name": "FEDORA-2020-8b563bc5f4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
},
{
"name": "FEDORA-2020-7c1b270959",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
},
{
"name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19234",
"datePublished": "2019-12-19T20:35:02",
"dateReserved": "2019-11-22T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}