← voltar
CVE-2019-18634

CVE-2019-18634

EPSS 19.4%
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
Produtos afetados
n/a · n/a
PoCs públicas encontradas18
githubgithub.com/saleemrashid/sudo-cve-2019-18634240githubgithub.com/Plazmaz/CVE-2019-1863458githubgithub.com/aesophor/CVE-2019-186345githubgithub.com/chanbakjsd/CVE-2019-186343githubgithub.com/N1et/CVE-2019-186342githubgithub.com/dukptkey/CVE-2019-186341githubgithub.com/letsr00t/-CVE-2019-18634-sudo-pwfeedback0githubgithub.com/edsonjt81/sudo-cve-2019-186340githubgithub.com/paras1te-x/CVE-2019-186340githubgithub.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-186340githubgithub.com/CyrusRazavi/CVE-2019-18634-writeup0githubgithub.com/DDayLuong/CVE-2019-186340githubgithub.com/l0w3/CVE-2019-186340githubgithub.com/ngyinkit/cve-2019-186340cve_referencepacketstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/47995não verificadoexploitdbwww.exploit-db.com/exploits/48052não verificadocve_referencepacketstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.htmlnão verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.htmlhttp://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.htmlhttp://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.htmlhttps://access.redhat.com/errata/RHSA-2020:0487https://access.redhat.com/errata/RHSA-2020:0509https://access.redhat.com/errata/RHSA-2020:0540https://access.redhat.com/errata/RHSA-2020:0726http://seclists.org/fulldisclosure/2020/Jan/40https://lists.debian.org/debian-lts-announce/2020/02/msg00002.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/https://seclists.org/bugtraq/2020/Feb/2