From db6760ec5f704cc5a151648c93599e62d318d9b4 Mon Sep 17 00:00:00 2001 From: simon Date: Mon, 20 Jun 2005 20:18:18 +0000 Subject: Document sudo -- local race condition vulnerability. --- security/vuxml/vuln.xml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c920c55115a1..c3f349c2ffbc 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,40 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> + + sudo -- local race condition vulnerability + + + sudo + 1.6.8.9 + + + + +

Todd C. Miller reports:

+
+

A race condition in Sudo's command pathname handling + prior to Sudo version 1.6.8p9 that could allow a user with + Sudo privileges to run arbitrary commands.

+

Exploitation of the bug requires that the user be allowed + to run one or more commands via Sudo and be able to create + symbolic links in the filesystem. Furthermore, a sudoers + entry giving another user access to the ALL pseudo-command + must follow the user's sudoers entry for the race to + exist.

+
+ + + + 13993 + http://marc.theaimsgroup.com/?l=bugtraq&m=111928183431376 + + + 2005-06-20 + 2005-06-20 + + + trac -- file upload/download vulnerability -- cgit _yarn/devel/electron4/files/ini-1.3.7'>dependabot/npm_and_yarn/devel/electron4/files/ini-1.3.7 FreeBSD GNOME current development ports (https://github.com/freebsd/freebsd-ports-gnome)
aboutsummaryrefslogtreecommitdiffstats
path: root/converters/p5-Cpanel-JSON-XS
Commit message (Expand)AuthorAgeFilesLines
* - Add PORTSCOUTsunpoet2016-04-151-0/+2
* Remove ${PORTSDIR}/ from dependencies, Mk and categories a, b, and c.mat2016-04-011-9/+9
* - Update to 3.0213sunpoet2016-03-062-3/+3
* - Update to 3.0211sunpoet2016-01-172-3/+3
* - Update to 3.0210sunpoet2015-12-042-3/+3
* - Update to 3.0205sunpoet2015-12-022-3/+3
* - Update to 3.0203sunpoet2015-11-282-5/+9
* - Strip shared librarysunpoet2015-11-152-1/+5
* Make it so that the default Perl is always called perl5.mat2015-09-141-1/+1
* - Update to 3.0115sunpoet2015-02-192-3/+3
* - Update to 3.0114sunpoet2015-01-062-3/+3
* - Update to 3.0113sunpoet2014-12-212-3/+3
* - Update to 3.0108sunpoet2014-12-142-3/+3
* - Update to 3.0107sunpoet2014-12-042-4/+3
* Change the way Perl modules are installed, update the default Perl to 5.18.mat2014-11-262-4/+4
* - Update to 3.0106sunpoet2014-11-252-3/+3
* Cleanup plistbapt2014-10-201-6/+0
* Remove all the bootstrap files (.bs) from the plists.mat2014-06-101-1/+0
* - Update to 3.0104sunpoet2014-04-292-5/+7
* - Add p5-Cpanel-JSON-XS 2.3403sunpoet2013-11-07