sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.
CVSS Vector
AV:L/AC:L/Au:N/C:P/I:N/A:NSUSE Opensuse
APPSuse10.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2011-0469CRITICAL9.8ten sam produkt
Code injection in openSUSE when running some source services used in the open build service 2.1 before March 1...
CVE-2017-3224HIGH8.2ten sam produkt
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LS...
CVE-2010-0230HIGH7.5ten sam produkt
SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfa...
CVE-2007-2654MEDIUM4.4ten sam produkt
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to r...
CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam vendor
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)