ID de Prueba:	1.3.6.1.4.1.25623.1.0.883181
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for sudo (CESA-2020:0540)
Resumen:	The remote host is missing an update for the 'sudo'; package(s) announced via the CESA-2020:0540 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the CESA-2020:0540 advisory. Vulnerability Insight: The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Stack based buffer overflow when pwfeedback is enabled (CVE-2019-18634) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'sudo' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-18634 Bugtraq: 20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra (Google Search) https://seclists.org/bugtraq/2020/Jan/44 Bugtraq: 20200203 [SECURITY] [DSA 4614-1] sudo security update (Google Search) https://seclists.org/bugtraq/2020/Feb/2 Bugtraq: 20200203 [slackware-security] sudo (SSA:2020-031-01) (Google Search) https://seclists.org/bugtraq/2020/Feb/3 Debian Security Information: DSA-4614 (Google Search) https://www.debian.org/security/2020/dsa-4614 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/ http://seclists.org/fulldisclosure/2020/Jan/40 https://security.gentoo.org/glsa/202003-12 http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html https://www.sudo.ws/security.html https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html http://www.openwall.com/lists/oss-security/2020/01/30/6 http://www.openwall.com/lists/oss-security/2020/01/31/1 http://www.openwall.com/lists/oss-security/2020/02/05/2 http://www.openwall.com/lists/oss-security/2020/02/05/5 RedHat Security Advisories: RHSA-2020:0487 https://access.redhat.com/errata/RHSA-2020:0487 RedHat Security Advisories: RHSA-2020:0509 https://access.redhat.com/errata/RHSA-2020:0509 RedHat Security Advisories: RHSA-2020:0540 https://access.redhat.com/errata/RHSA-2020:0540 RedHat Security Advisories: RHSA-2020:0726 https://access.redhat.com/errata/RHSA-2020:0726 SuSE Security Announcement: openSUSE-SU-2020:0244 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html https://usn.ubuntu.com/4263-1/ https://usn.ubuntu.com/4263-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.