Vulnerability Details CVE-2006-0151
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/18358
- http://secunia.com/advisories/18363
- http://secunia.com/advisories/18549
- http://secunia.com/advisories/18558
- http://secunia.com/advisories/18906
- http://secunia.com/advisories/19016
- http://secunia.com/advisories/21692
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.421822
- http://www.debian.org/security/2006/dsa-946
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:159
- http://www.novell.com/linux/security/advisories/2006_02_sr.html
- http://www.securityfocus.com/bid/16184
- http://www.trustix.org/errata/2006/0010
- https://usn.ubuntu.com/235-2/
- http://secunia.com/advisories/18358
- http://secunia.com/advisories/18363
- http://secunia.com/advisories/18549
- http://secunia.com/advisories/18558
- http://secunia.com/advisories/18906
- http://secunia.com/advisories/19016
- http://secunia.com/advisories/21692
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.421822
- http://www.debian.org/security/2006/dsa-946
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:159
- http://www.novell.com/linux/security/advisories/2006_02_sr.html
- http://www.securityfocus.com/bid/16184
- http://www.trustix.org/errata/2006/0010
- https://usn.ubuntu.com/235-2/
Products affected by CVE-2006-0151
-
cpe:2.3:a:todd_miller:sudo:1.5.6
-
cpe:2.3:a:todd_miller:sudo:1.5.7
-
cpe:2.3:a:todd_miller:sudo:1.5.8
-
cpe:2.3:a:todd_miller:sudo:1.5.9
-
cpe:2.3:a:todd_miller:sudo:1.6
-
cpe:2.3:a:todd_miller:sudo:1.6.1
-
cpe:2.3:a:todd_miller:sudo:1.6.2
-
cpe:2.3:a:todd_miller:sudo:1.6.3
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p1
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p2
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p3
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p4
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p5
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p6
-
cpe:2.3:a:todd_miller:sudo:1.6.3_p7
-
cpe:2.3:a:todd_miller:sudo:1.6.4
-
cpe:2.3:a:todd_miller:sudo:1.6.4_p1
-
cpe:2.3:a:todd_miller:sudo:1.6.4_p2
-
cpe:2.3:a:todd_miller:sudo:1.6.5
-
cpe:2.3:a:todd_miller:sudo:1.6.5_p1
-
cpe:2.3:a:todd_miller:sudo:1.6.5_p2
-
cpe:2.3:a:todd_miller:sudo:1.6.6
-
cpe:2.3:a:todd_miller:sudo:1.6.7
-
cpe:2.3:a:todd_miller:sudo:1.6.7_p5
-
cpe:2.3:a:todd_miller:sudo:1.6.8
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p1
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p12
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p2
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p5
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p7
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p8
-
cpe:2.3:a:todd_miller:sudo:1.6.8_p9
-
cpe:2.3:o:ubuntu:ubuntu_linux:4.1
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.04
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.10