PWFeedback Buffer Overflow Vulnerability in Sudo

PWFeedback Buffer Overflow Vulnerability in Sudo

Channel:
Subscribers:
54,600
Published on ● Video Link: https://www.youtube.com/watch?v=5QwclIBQ5A0



Duration: 5:09
3,668 views
159


Looking at Buffer overflow in sudo when pwfeedback is set in sudoers (CVE-2019-18634).
pwfeedback provides a visual response when a key is pressed during a sudo password, unfortunately there is a stack-based buffer overflow which can be triggered when an overly long input is typed into stdin.

Sources:
https://www.sudo.ws/alerts/pwfeedback.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634
https://security-tracker.debian.org/tracker/CVE-2019-18634
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18634.html
https://9to5linux.com/new-sudo-vulnerability-could-allow-attackers-to-obtain-full-root-privileges


Wallpaper: https://cdnb.artstation.com/p/assets/images/images/021/167/739/large/charlie-henson-kde-plasma-scenery-143.jpg

Like my channel? Please help support it:
Patreon: https://www.patreon.com/quidsup
Paypal: https://www.paypal.me/quidsup

Follow me on Social Media
Twitter: https://twitter.com/quidsup
MeWe: https://mewe.com/i/quidsup
Minds: https://minds.com/quidsup

#sudo #vulnerability #CVE-2019-18634







Tags:
CVE-2019-18634
sudo
pwfeedback
vulnerability
Linux
Quidsup