Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3629

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-3629
Last Modified 21 Aug 2010 12:34:31
Published 31 Dec 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3629

Summary

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 3.0

  • Redhat Enterprise Linux 4.0


References

REDHAT - RHSA-2006:0016

SECTRACK - 1015732

SECUNIA - 19162

XF - initscripts-service-gain-privileges(25374)

BID - 17038

REDHAT - RHSA-2006:0015

SECUNIA - 19532

SGI - 20060401-01-U


Last Updated: 27 May 2016 10:40:59