QwikSec

Security Database

CVE

CWE

Training

CVE-2005-1831

Published: Jun 2, 2005

Modified: Jan 16, 2025

PUBLISHED

Description

Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20050531 RE: [securitysuse.de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3

mailing-list

x_refsource_BUGTRAQ

20050531 Re: [securitysuse.de] [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3

mailing-list

x_refsource_BUGTRAQ

20050531 [XNUXER-SECURITY] Root Privilige Escalation in Sudo version 1.6.8p7 without Password, SuSE 9.3

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.