← back
CVE-2005-1831

CVE-2005-1831

CVSS 8.4 HIGHEPSS 0.4%
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2005-05/0349.htmlhttp://archives.neohapsis.com/archives/bugtraq/2005-05/0359.htmlhttp://marc.info/?l=bugtraq&m=111755694008928&w=2http://www.osvdb.org/20417