CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
28.0%
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment
variable, which allows limited local users to gain privileges via a Python
script, a variant of CVE-2005-4158.