CVE-2006-0151

CVE-2006-0151, security advisory, suse linux, suse, security, cve

CVE-2006-0151

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2006-0151 at MITRE

Description

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

---

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores

	National Vulnerability Database
Base Score	7.2
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector	Local
Access Complexity	Low
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entries: 140300 [RESOLVED / FIXED], 145687 [RESOLVED / FIXED], 159599 [RESOLVED / WONTFIX]

SUSE Security Advisories:

• SUSE-SR:2006:002, published Fri, 20 Jan 2006 15:00:00 +0000

---

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 01:21:19 2013
CVE page last modified: Sat Sep 7 15:10:03 2024