Test Kennung:	1.3.6.1.4.1.25623.1.0.883317
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for sudo (CESA-2021:0221)
Zusammenfassung:	The remote host is missing an update for the 'sudo'; package(s) announced via the CESA-2021:0221 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the CESA-2021:0221 advisory. Vulnerability Insight: The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Heap buffer overflow in argument parsing (CVE-2021-3156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'sudo' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3156 CERT/CC vulnerability note: VU#794544 https://www.kb.cert.org/vuls/id/794544 Cisco Security Advisory: 20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM https://kc.mcafee.com/corporate/index?page=content&id=SB10348 https://security.netapp.com/advisory/ntap-20210128-0001/ https://security.netapp.com/advisory/ntap-20210128-0002/ https://support.apple.com/kb/HT212177 https://www.sudo.ws/stable.html#1.9.5p2 https://www.synology.com/security/advisory/Synology_SA_21_02 Debian Security Information: DSA-4839 (Google Search) https://www.debian.org/security/2021/dsa-4839 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ http://seclists.org/fulldisclosure/2021/Jan/79 http://seclists.org/fulldisclosure/2021/Feb/42 http://seclists.org/fulldisclosure/2024/Feb/3 https://security.gentoo.org/glsa/202101-33 http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability https://www.openwall.com/lists/oss-security/2021/01/26/3 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html http://www.openwall.com/lists/oss-security/2021/01/26/3 http://www.openwall.com/lists/oss-security/2021/01/27/1 http://www.openwall.com/lists/oss-security/2021/01/27/2 http://www.openwall.com/lists/oss-security/2021/02/15/1 http://www.openwall.com/lists/oss-security/2021/09/14/2 http://www.openwall.com/lists/oss-security/2024/01/30/6 http://www.openwall.com/lists/oss-security/2024/01/30/8
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.