CVE Reference: CVE-2006-0151

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-0151

Description:
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-235-2

TRUSTIX
  http://www.trustix.org/errata/2006/0010

SUSE
  http://www.novell.com/linux/security/advisories/2006_02_sr.html

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.421822

SAID
  Secunia Advisory: SA18906
  Secunia Advisory: SA18549
  Secunia Advisory: SA18363
  Secunia Advisory: SA18358
  Secunia Advisory: SA18558
  Secunia Advisory: SA19016
  Secunia Advisory: SA21692

MANDRIVA
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:159

DEBIAN
  http://www.debian.org/security/2006/dsa-946

BID
  16184


Return to the previous page.