7.2

CVE-2006-0151

Exploit
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Todd MillerSudo Version1.5.6
Todd MillerSudo Version1.5.7
Todd MillerSudo Version1.5.8
Todd MillerSudo Version1.5.9
Todd MillerSudo Version1.6
Todd MillerSudo Version1.6.1
Todd MillerSudo Version1.6.2
Todd MillerSudo Version1.6.3
Todd MillerSudo Version1.6.3_p1
Todd MillerSudo Version1.6.3_p2
Todd MillerSudo Version1.6.3_p3
Todd MillerSudo Version1.6.3_p4
Todd MillerSudo Version1.6.3_p5
Todd MillerSudo Version1.6.3_p6
Todd MillerSudo Version1.6.3_p7
Todd MillerSudo Version1.6.4
Todd MillerSudo Version1.6.4_p1
Todd MillerSudo Version1.6.4_p2
Todd MillerSudo Version1.6.5
Todd MillerSudo Version1.6.5_p1
Todd MillerSudo Version1.6.5_p2
Todd MillerSudo Version1.6.6
Todd MillerSudo Version1.6.7
Todd MillerSudo Version1.6.7_p5
Todd MillerSudo Version1.6.8
Todd MillerSudo Version1.6.8_p1
Todd MillerSudo Version1.6.8_p2
Todd MillerSudo Version1.6.8_p5
Todd MillerSudo Version1.6.8_p7
Todd MillerSudo Version1.6.8_p8
Todd MillerSudo Version1.6.8_p9
Todd MillerSudo Version1.6.8_p12
UbuntuUbuntu Linux Version4.1 Editionia64
UbuntuUbuntu Linux Version4.1 Editionppc
UbuntuUbuntu Linux Version5.04 Editionamd64
UbuntuUbuntu Linux Version5.04 Editioni386
UbuntuUbuntu Linux Version5.04 Editionpowerpc
UbuntuUbuntu Linux Version5.10 Editionamd64
UbuntuUbuntu Linux Version5.10 Editioni386
UbuntuUbuntu Linux Version5.10 Editionpowerpc
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.61% 0.448
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/18549
http://www.novell.com/linux/security/advisories/2006_02_sr.html
http://secunia.com/advisories/18558
http://secunia.com/advisories/21692
http://www.debian.org/security/2006/dsa-946
http://www.mandriva.com/security/advisories?name=MDKSA-2006:159
http://secunia.com/advisories/18358
Vendor Advisory
http://secunia.com/advisories/18363
Patch
Vendor Advisory
http://secunia.com/advisories/18906
http://secunia.com/advisories/19016
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.421822
http://www.securityfocus.com/bid/16184
Exploit
http://www.trustix.org/errata/2006/0010
https://usn.ubuntu.com/235-2/