LOW🇵🇱 Wersja polska

CVE-2008-3067

CVSS 2.1v2.0pub. 2008-07-07upd. 2026-04-23

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

CVSS Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
  • SUSE Opensuse

    APP
    Suse
    10.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2011-0469CRITICAL9.8ten sam produkt

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 1...

CVE-2017-3224HIGH8.2ten sam produkt

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LS...

CVE-2010-0230HIGH7.5ten sam produkt

SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all network interfa...

CVE-2007-2654MEDIUM4.4ten sam produkt

xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to r...

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)