CVE-2006-0151

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

Published: Jan 10, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-0151
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
todd_miller / sudo	1.5.8	1.5.8.x
todd_miller / sudo	1.6.3_p6	1.6.3_p6.x
todd_miller / sudo	1.5.9	1.5.9.x
todd_miller / sudo	1.6.6	1.6.6.x
todd_miller / sudo	1.6.8_p7	1.6.8_p7.x
todd_miller / sudo	1.6.3	1.6.3.x
todd_miller / sudo	1.6.4_p2	1.6.4_p2.x
todd_miller / sudo	1.6.1	1.6.1.x
todd_miller / sudo	1.6.8_p12	1.6.8_p12.x
todd_miller / sudo	1.6.3_p5	1.6.3_p5.x
todd_miller / sudo	1.5.7	1.5.7.x
todd_miller / sudo	1.6.2	1.6.2.x
todd_miller / sudo	1.6.8	1.6.8.x
todd_miller / sudo	1.6.4_p1	1.6.4_p1.x
todd_miller / sudo	1.6.3_p2	1.6.3_p2.x
todd_miller / sudo	1.6.3_p4	1.6.3_p4.x
todd_miller / sudo	1.6.8_p9	1.6.8_p9.x
todd_miller / sudo	1.6.5_p2	1.6.5_p2.x
todd_miller / sudo	1.6.5	1.6.5.x
todd_miller / sudo	1.6.3_p3	1.6.3_p3.x
todd_miller / sudo	1.6.8_p1	1.6.8_p1.x
todd_miller / sudo	1.6.5_p1	1.6.5_p1.x
todd_miller / sudo	1.6.3_p7	1.6.3_p7.x
todd_miller / sudo	1.6	1.6.x
todd_miller / sudo	1.6.4	1.6.4.x
todd_miller / sudo	1.6.7	1.6.7.x
todd_miller / sudo	1.6.8_p5	1.6.8_p5.x
todd_miller / sudo	1.6.8_p8	1.6.8_p8.x
todd_miller / sudo	1.6.3_p1	1.6.3_p1.x
todd_miller / sudo	1.5.6	1.5.6.x
todd_miller / sudo	1.6.8_p2	1.6.8_p2.x
todd_miller / sudo	1.6.7_p5	1.6.7_p5.x
ubuntu / ubuntu_linux	4.1	4.1.x
ubuntu / ubuntu_linux	5.04	5.04.x
ubuntu / ubuntu_linux	5.10	5.10.x

Vulnerability Database

289,599

CVE-2006-0151