CVE-2006-0151

NONE EPSS 44.9%
Published Jan 9, 200620y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 9, 2006 20y ago
Last Modified Jun 16, 2026 2w ago

Description

sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.

Threat Intelligence

EPSS Exploit Probability
44.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 40

VendorProductVersionRange
todd_millersudo1.5.6any
todd_millersudo1.5.7any
todd_millersudo1.5.8any
todd_millersudo1.5.9any
todd_millersudo1.6any
todd_millersudo1.6.1any
todd_millersudo1.6.2any
todd_millersudo1.6.3any
todd_millersudo1.6.3_p1any
todd_millersudo1.6.3_p2any
todd_millersudo1.6.3_p3any
todd_millersudo1.6.3_p4any
todd_millersudo1.6.3_p5any
todd_millersudo1.6.3_p6any
todd_millersudo1.6.3_p7any
todd_millersudo1.6.4any
todd_millersudo1.6.4_p1any
todd_millersudo1.6.4_p2any
todd_millersudo1.6.5any
todd_millersudo1.6.5_p1any
todd_millersudo1.6.5_p2any
todd_millersudo1.6.6any
todd_millersudo1.6.7any
todd_millersudo1.6.7_p5any
todd_millersudo1.6.8any
todd_millersudo1.6.8_p1any
todd_millersudo1.6.8_p2any
todd_millersudo1.6.8_p5any
todd_millersudo1.6.8_p7any
todd_millersudo1.6.8_p8any
todd_millersudo1.6.8_p9any
todd_millersudo1.6.8_p12any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux4.1any
ubuntuubuntu_linux5.04any
ubuntuubuntu_linux5.04any
ubuntuubuntu_linux5.04any
ubuntuubuntu_linux5.10any
ubuntuubuntu_linux5.10any
ubuntuubuntu_linux5.10any

References 14

  • secunia.com http://secunia.com/advisories/18358
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/18363
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/18549
  • secunia.com http://secunia.com/advisories/18558
  • secunia.com http://secunia.com/advisories/18906
  • secunia.com http://secunia.com/advisories/19016
  • secunia.com http://secunia.com/advisories/21692
  • slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.421822
  • debian.org http://www.debian.org/security/2006/dsa-946
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2006:159
  • novell.com http://www.novell.com/linux/security/advisories/2006_02_sr.html
  • securityfocus.com http://www.securityfocus.com/bid/16184
    Exploit
  • trustix.org http://www.trustix.org/errata/2006/0010
  • usn.ubuntu.com https://usn.ubuntu.com/235-2/

Remediation

  • secunia.com http://secunia.com/advisories/18363
    PatchVendor Advisory