Nixpkgs Security Tracker

Suggestions search

With package: sudo

Found 2 matching suggestions

Dismissed
updated 1 month, 1 week ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @LeSuisse removed 40 packages
    • tests.hardeningFlags-clang.allExplicitDisabledShadowStack
    • tests.hardeningFlags-clang.shadowStackExplicitDisabled
    • tests.hardeningFlags-clang.shadowStackExplicitEnabled
    • tests.hardeningFlags.allExplicitDisabledShadowStack
    • tests.hardeningFlags-gcc.shadowStackExplicitEnabled
    • tests.hardeningFlags.shadowStackExplicitEnabled
    • tests.hardeningFlags-gcc.shadowStackExplicitDisabled
    • tests.hardeningFlags.shadowStackExplicitDisabled
    • tests.hardeningFlags-gcc.allExplicitDisabledShadowStack
    • obs-studio-plugins.obs-stroke-glow-shadow
    • su
    • qsudo
    • sudo-rs
    • psudohash
    • shadowenv
    • shadowfox
    • sudo-font
    • shadow-tls
    • darwin.sudo
    • gnome-sudoku
    • doas-sudo-shim
    • lxqt.lxqt-sudo
    • go-shadowsocks2
    • shadowsocks-rust
    • yaziPlugins.sudo
    • shadowsocks-libev
    • libsForQt5.ksudoku
    • kdePackages.ksudoku
    • typstPackages.shadowed
    • plasma5Packages.ksudoku
    • shadowsocks-v2ray-plugin
    • fishPlugins.plugin-sudope
    • haskellPackages.shadowsocks
    • typstPackages.shadowed_0_1_0
    • shadow
    • haskellPackages.Unixutils-shadow
    • wayfirePlugins.wayfire-shadows
    • typstPackages.shadowed_0_2_0
    • typstPackages.shadowed_0_1_2
    • typstPackages.shadowed_0_1_1
  • @LeSuisse added package shadow
  • @LeSuisse dismissed
There is a possible tty hijacking in shadow 4.x before …

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

References

Affected products

sudo
  • ==1.x before 1.7.4
shadow
  • ==4.x before 4.1.5

Matching in nixpkgs

Package maintainers

Old issue. Never impacted the current stable branch.
Untriaged
CVE-2023-7090
6.6 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): LOW
created 6 months, 1 week ago
Sudo: improper handling of ipa_hostname leads to privilege mismanagement

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. This leads to a privilege mismanagement vulnerability in applications, where client hosts retain privileges even after those privileges are retracted.

References

Affected products

sudo
  • ==1.8.28
freeipa

Matching in nixpkgs

pkgs.sudo

Command to run commands as root

pkgs.qsudo

Graphical sudo utility from Project Trident

pkgs.freeipa

Identity, Policy and Audit system

  • nixos-unstable -

pkgs.sudo-rs

Memory safe implementation of sudo and su

  • nixos-unstable -

pkgs.psudohash

Password list generator for orchestrating brute force attacks and cracking hashes

  • nixos-unstable -

pkgs.sudo-font

Font for programmers and command line users

  • nixos-unstable -

pkgs.gnome-sudoku

Test your logic skills in this number grid puzzle

  • nixos-unstable -

pkgs.doas-sudo-shim

Shim for the sudo command that utilizes doas

  • nixos-unstable -