Test ID:	1.3.6.1.4.1.25623.1.0.892094
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-2094-1)
Summary:	The remote host is missing an update for the Debian 'sudo' package(s) announced via the DLA-2094-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'sudo' package(s) announced via the DLA-2094-1 advisory. Vulnerability Insight: A stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the pwfeedback option enabled. An unprivileged user can take advantage of this flaw to obtain full root privileges. For Debian 8 Jessie, this problem has been fixed in version 1.8.10p3-1+deb8u7. We recommend that you upgrade your sudo packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'sudo' package(s) on Debian 8. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-18634 Bugtraq: 20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra (Google Search) https://seclists.org/bugtraq/2020/Jan/44 Bugtraq: 20200203 [SECURITY] [DSA 4614-1] sudo security update (Google Search) https://seclists.org/bugtraq/2020/Feb/2 Bugtraq: 20200203 [slackware-security] sudo (SSA:2020-031-01) (Google Search) https://seclists.org/bugtraq/2020/Feb/3 Debian Security Information: DSA-4614 (Google Search) https://www.debian.org/security/2020/dsa-4614 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/ http://seclists.org/fulldisclosure/2020/Jan/40 https://security.gentoo.org/glsa/202003-12 http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html https://www.sudo.ws/security.html https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html http://www.openwall.com/lists/oss-security/2020/01/30/6 http://www.openwall.com/lists/oss-security/2020/01/31/1 http://www.openwall.com/lists/oss-security/2020/02/05/2 http://www.openwall.com/lists/oss-security/2020/02/05/5 RedHat Security Advisories: RHSA-2020:0487 https://access.redhat.com/errata/RHSA-2020:0487 RedHat Security Advisories: RHSA-2020:0509 https://access.redhat.com/errata/RHSA-2020:0509 RedHat Security Advisories: RHSA-2020:0540 https://access.redhat.com/errata/RHSA-2020:0540 RedHat Security Advisories: RHSA-2020:0726 https://access.redhat.com/errata/RHSA-2020:0726 SuSE Security Announcement: openSUSE-SU-2020:0244 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html https://usn.ubuntu.com/4263-1/ https://usn.ubuntu.com/4263-2/
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.