sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse opensuse 10.3 |