Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2005:036: sudo


Vulnerability Assessment Details

SUSE-SA:2005:036: sudo

Vulnerability Assessment Summary
Check for the version of the sudo package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2005:036 (sudo).


Sudo(8) permits the execution of commands as another user and gives the
administrator more flexibility than su(1).
A race condition in the pathname handling of sudo may permit a local user
to execute arbitrary commands. To exploit this bug some conditions need
to be fulfilled. The attacking user needs to be listed in the sudoers file,
he is able to create symbolic links in the filesystem, and a ALL alias-
command needs to follow the attackers entry.


Solution : http://www.suse.de/security/advisories/2005_36_sudo.html
Network Security Threat Level: Medium

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors


AMD Ryzen Threadripper 2950X 16 Core CPU USA picture

AMD Ryzen Threadripper 2950X 16 Core CPU USA

$199.20



Intel Core i7-14700K Unlocked Desktop Processor - Up to 5.6 GHz max clock speed picture

Intel Core i7-14700K Unlocked Desktop Processor - Up to 5.6 GHz max clock speed

$389.99



Intel Core i9-14900K Unlocked Desktop Processor picture

Intel Core i9-14900K Unlocked Desktop Processor

$549.99



AMD Ryzen 5 4500 6-Core 3.6GHz Socket AM4 65W CPU Desktop Processor picture

AMD Ryzen 5 4500 6-Core 3.6GHz Socket AM4 65W CPU Desktop Processor

$63.38



AMD Ryzen 7 7700 Processor (5.3 GHz, 8 Cores, Socket AM5)  picture

AMD Ryzen 7 7700 Processor (5.3 GHz, 8 Cores, Socket AM5)

$205.00



Intel Core i7-12700KF Unlocked Desktop Processor - 12 Cores And 20 Threads picture

Intel Core i7-12700KF Unlocked Desktop Processor - 12 Cores And 20 Threads

$194.99



Intel Core i5-9500T 2.2 GHz 8GT/s LGA 1151 Desktop CPU Processor SRF4D picture

Intel Core i5-9500T 2.2 GHz 8GT/s LGA 1151 Desktop CPU Processor SRF4D

$44.99



Intel Core i7-6700 3.40 GHz QUAD Core (4 Core) Desktop Processor 8MB LGA 1151 picture

Intel Core i7-6700 3.40 GHz QUAD Core (4 Core) Desktop Processor 8MB LGA 1151

$49.99



AMD Ryzen 9 5900X 3.70GHz 12 Core 100-000000061 24 Thread AM4 *USED* picture

AMD Ryzen 9 5900X 3.70GHz 12 Core 100-000000061 24 Thread AM4 *USED*

$199.99



NEW Intel Core i9 8-Core 11900K 5.30GHz i9-11900K SRKND LGA1200 CPU Processor picture

NEW Intel Core i9 8-Core 11900K 5.30GHz i9-11900K SRKND LGA1200 CPU Processor

$212.98



Discussions

No Discussions have been posted on this vulnerability.