Test ID:	1.3.6.1.4.1.25623.1.1.2.2022.1191
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2022-1191)
Summary:	The remote host is missing an update for the Huawei EulerOS 'sudo' package(s) announced via the EulerOS-SA-2022-1191 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'sudo' package(s) announced via the EulerOS-SA-2022-1191 advisory. Vulnerability Insight: A flaw was found in sudoedit. A race condition vulnerability and improper symbolic link resolution could be used by a local unprivileged user to test for the existence of directories and files not normally accessible to the user. This flaw cannot be used to read the content or write to arbitrary files on the file system. The highest threat from this vulnerability is to data confidentiality.(CVE-2021-23239) Affected Software/OS: 'sudo' package(s) on Huawei EulerOS V2.0SP3. Solution: Please install the updated package(s). CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-23239 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6/ https://security.gentoo.org/glsa/202101-33 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239 https://lists.debian.org/debian-lts-announce/2022/11/msg00007.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.