Plugins Database As of 12-07-2019

CentOS Update for sudo CESA-2019:3197 centos7

CentOS Local Security Checks
Impact by CVSS Score
  • ID: 1.3.6.1.4.1.25623.1.0.883124

CVSS Base Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Summary:
The remote host is missing an update for the 'sudo' Linux Distribution Package(s) announced via the CESA-2019:3197 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
The sudo Linux Distribution Packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword (CVE-2019-14287) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Versions:
'sudo' Linux Distribution Package(s) on CentOS 7.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

Search
Severity
High
CVSS Score
9.0
Published
2019-11-01 03:00:48
Modified
2019-11-04 08:05:52
CVE
CVE-2019-14287

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.