CVE Vulnerabilities

CVE-2008-3067

Published: Jul 07, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

Affected Software

Name Vendor Start Version End Version
Opensuse Suse 10.3 10.3
Sudo Ubuntu feisty *
Sudo Ubuntu upstream *

References