Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3067


Vulnerability Score 2.1 2.1
CVE Id CVE-2008-3067
Last Modified 10 Sep 2008 09:11:50
Published 07 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

Vulnerable Systems


  • Opensuse 10.3


XF - opensuse-sudo-information-disclosure(43618)

SUSE - SUSE-SR:2008:014

Last Updated: 27 May 2016 10:48:04