返回 CVE 浏览器

CVE-2019-18634

HIGH

7.8

CVSS Severity Score

EPSS Score0.1690%

EPSS Percentile0.78th

Published2020年1月29日

Last Modified2024年11月21日

Vulnerability Description

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

Affected Platforms (CPE)

📦

Sudo Project

Sudo

>= 1.7.1 and < 1.8.26

💻

Debian

Debian Linux

= 8.0

💻

Debian

Debian Linux

= 9.0

💻

Debian

Debian Linux

= 10.0

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html

🔗 http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html

🔗 http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html

🔗 http://seclists.org/fulldisclosure/2020/Jan/40

🔗 http://www.openwall.com/lists/oss-security/2020/01/30/6

🔗 http://www.openwall.com/lists/oss-security/2020/01/31/1

🔗 http://www.openwall.com/lists/oss-security/2020/02/05/2

🔗 http://www.openwall.com/lists/oss-security/2020/02/05/5

相关漏洞威胁

CVE-2001-124010.0

The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that co...

CVE-2018-185569.9

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the ppp...

CVE-2017-137079.8

Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo ...

CVE-2019-98919.8

The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and exe...