CVE Vulnerabilities

CVE-2005-3629

Published: Dec 31, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors.

Affected Software

Name Vendor Start Version End Version
Enterprise_linux Redhat 3.0 3.0
Enterprise_linux Redhat 3.0 3.0
Enterprise_linux Redhat 3.0 3.0
Enterprise_linux Redhat 4.0 4.0
Enterprise_linux Redhat 4.0 4.0
Enterprise_linux Redhat 4.0 4.0
Red Hat Enterprise Linux 3 RedHat initscripts-0:7.31.30.EL-1 *
Red Hat Enterprise Linux 4 RedHat initscripts-0:7.93.24.EL-1.1 *

References