Test ID:	1.3.6.1.4.1.25623.1.0.883181
Category:	CentOS Local Security Checks
Title:	CentOS: Security Advisory for sudo (CESA-2020:0540)
Summary:	The remote host is missing an update for the 'sudo'; package(s) announced via the CESA-2020:0540 advisory.
Description:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the CESA-2020:0540 advisory. Vulnerability Insight: The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Stack based buffer overflow when pwfeedback is enabled (CVE-2019-18634) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'sudo' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-18634 Bugtraq: 20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra (Google Search) https://seclists.org/bugtraq/2020/Jan/44 Bugtraq: 20200203 [SECURITY] [DSA 4614-1] sudo security update (Google Search) https://seclists.org/bugtraq/2020/Feb/2 Bugtraq: 20200203 [slackware-security] sudo (SSA:2020-031-01) (Google Search) https://seclists.org/bugtraq/2020/Feb/3 Debian Security Information: DSA-4614 (Google Search) https://www.debian.org/security/2020/dsa-4614 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/ http://seclists.org/fulldisclosure/2020/Jan/40 https://security.gentoo.org/glsa/202003-12 http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html https://www.sudo.ws/security.html https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html http://www.openwall.com/lists/oss-security/2020/01/30/6 http://www.openwall.com/lists/oss-security/2020/01/31/1 http://www.openwall.com/lists/oss-security/2020/02/05/2 http://www.openwall.com/lists/oss-security/2020/02/05/5 RedHat Security Advisories: RHSA-2020:0487 https://access.redhat.com/errata/RHSA-2020:0487 RedHat Security Advisories: RHSA-2020:0509 https://access.redhat.com/errata/RHSA-2020:0509 RedHat Security Advisories: RHSA-2020:0540 https://access.redhat.com/errata/RHSA-2020:0540 RedHat Security Advisories: RHSA-2020:0726 https://access.redhat.com/errata/RHSA-2020:0726 SuSE Security Announcement: openSUSE-SU-2020:0244 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html https://usn.ubuntu.com/4263-1/ https://usn.ubuntu.com/4263-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.