
PWFeedback Buffer Overflow Vulnerability in Sudo
Looking at Buffer overflow in sudo when pwfeedback is set in sudoers (CVE-2019-18634).
pwfeedback provides a visual response when a key is pressed during a sudo password, unfortunately there is a stack-based buffer overflow which can be triggered when an overly long input is typed into stdin.
Sources:
https://www.sudo.ws/alerts/pwfeedback.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634
https://security-tracker.debian.org/tracker/CVE-2019-18634
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18634.html
https://9to5linux.com/new-sudo-vulnerability-could-allow-attackers-to-obtain-full-root-privileges
Wallpaper: https://cdnb.artstation.com/p/assets/images/images/021/167/739/large/charlie-henson-kde-plasma-scenery-143.jpg
Like my channel? Please help support it:
Patreon: https://www.patreon.com/quidsup
Paypal: https://www.paypal.me/quidsup
Follow me on Social Media
Twitter: https://twitter.com/quidsup
MeWe: https://mewe.com/i/quidsup
Minds: https://minds.com/quidsup
#sudo #vulnerability #CVE-2019-18634