CVE-2006-0151

Опубликовано: 09 янв. 2006

Источник: debian

EPSS Низкий

Описание

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
sudo	fixed	1.6.8p12-1		package

Примечания

The whole black list approach is flawed, for the DSA we'll switch to
a white list approach of known to be safe env vars.

EPSS

Процентиль: 20%

0.00063

Низкий

Связанные уязвимости

CVE-2006-0151

ubuntu

больше 19 лет назад

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

CVE-2006-0151

redhat

почти 21 год назад

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

CVE-2006-0151

nvd

больше 19 лет назад

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

GHSA-7vx7-4r5w-mwxw

github

больше 3 лет назад

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

EPSS

Процентиль: 20%

0.00063

Низкий