CVE-2008-3067

Name of the Vulnerable Software and Affected Versions: SUSE openSUSE version 10.3

Description: The issue is related to the sudo command in SUSE openSUSE. When password entry times out, sudo does not clear the stdin buffer. This might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.

Recommendations: For SUSE openSUSE version 10.3, consider restricting access to the sudo command until a fix is available, or apply configuration changes to mitigate the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.