 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2010-2757 |
| Description: | The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.67928 1.3.6.1.4.1.25623.1.0.67926 1.3.6.1.4.1.25623.1.0.67924 1.3.6.1.4.1.25623.1.0.68000 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-2757 BugTraq ID: 42275 http://www.securityfocus.com/bid/42275 http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html http://secunia.com/advisories/40892 http://secunia.com/advisories/41128 http://www.vupen.com/english/advisories/2010/2035 http://www.vupen.com/english/advisories/2010/2205 |