Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3067

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-3067
Last Modified 10 Sep 2008 09:11:50
Published 07 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3067

Summary

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

Vulnerable Systems

Application

  • Opensuse 10.3


References

XF - opensuse-sudo-information-disclosure(43618)

SUSE - SUSE-SR:2008:014


Last Updated: 27 May 2016 10:48:04