Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2019-18634

Description

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

POC

Reference

- http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html

- http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html

- https://seclists.org/bugtraq/2020/Feb/2

Github

- https://github.com/0dayhunter/Linux-Privilege-Escalation-Resources

- https://github.com/0x7n6/OSCP

- https://github.com/0xStrygwyr/OSCP-Guide

- https://github.com/0xT11/CVE-POC

- https://github.com/0xZipp0/OSCP

- https://github.com/0xsyr0/OSCP

- https://github.com/AMatheusFeitosaM/OSCP-Cheat

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AbdullahZuhair21/OSCP-Notes

- https://github.com/AfvanMoopen/tryhackme-

- https://github.com/CVE-Hunters/universidade-de-seguranca-cibernetica

- https://github.com/Calana2/Exploits

- https://github.com/CyberSec-Monkey/Zero2H4x0r

- https://github.com/DDayLuong/CVE-2019-18634

- https://github.com/DarkFunct/CVE_Exploits

- https://github.com/Dinesh-999/Hacking_contents

- https://github.com/Drakfunc/CVE_Exploits

- https://github.com/DrewSC13/Linpeas

- https://github.com/EnriqueSanchezdelVillar/NotesHck

- https://github.com/Faizan-Khanx/OSCP

- https://github.com/InesMartins31/iot-cves

- https://github.com/Ly0nt4r/OSCP

- https://github.com/N1et/CVE-2019-18634

- https://github.com/Plazmaz/CVE-2019-18634

- https://github.com/PriscilaPinto/buffer_overflow_project

- https://github.com/R0seSecurity/Linux_Priviledge_Escalation

- https://github.com/ReflectedThanatos/OSCP-cheatsheet

- https://github.com/Retr0-ll/2023-littleTerm

- https://github.com/Retr0-ll/littleterm

- https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics

- https://github.com/SantoriuHen/NotesHck

- https://github.com/Sec-Dojo-Cyber-House/universidade-de-seguranca-cibernetica

- https://github.com/SenukDias/OSCP_cheat

- https://github.com/SirElmard/ethical_hacking

- https://github.com/Srinunaik000/Srinunaik000

- https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources

- https://github.com/TH3xACE/SUDO_KILLER

- https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634

- https://github.com/Timirepo/CVE_Exploits

- https://github.com/VishuGahlyan/OSCP

- https://github.com/Y3A/CVE-2019-18634

- https://github.com/Zerodex1/Linux-Privilege-escalation

- https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet

- https://github.com/adnan-kutay-yuksel/tryhackme-all-rooms-database

- https://github.com/aesophor/CVE-2019-18634

- https://github.com/akyuksel/tryhackme-all-rooms-database

- https://github.com/brootware/awesome-cyber-security-university

- https://github.com/brootware/cyber-security-university

- https://github.com/catsecorg/CatSec-TryHackMe-WriteUps

- https://github.com/chanbakjsd/CVE-2019-18634

- https://github.com/developer3000S/PoC-in-GitHub

- https://github.com/e-hakson/OSCP

- https://github.com/edsonjt81/sudo-cve-2019-18634

- https://github.com/eljosep/OSCP-Guide

- https://github.com/exfilt/CheatSheet

- https://github.com/fazilbaig1/oscp

- https://github.com/geleiaa/ceve-s

- https://github.com/go-bi/go-bi-soft

- https://github.com/gurkylee/Linux-Privilege-Escalation-Basics

- https://github.com/hectorgie/PoC-in-GitHub

- https://github.com/hktalent/bug-bounty

- https://github.com/jitmondal1/OSCP

- https://github.com/kgwanjala/oscp-cheatsheet

- https://github.com/klecko/exploits

- https://github.com/l0w3/CVE-2019-18634

- https://github.com/l0w3/l0w3

- https://github.com/lockedbyte/CVE-Exploits

- https://github.com/lockedbyte/lockedbyte

- https://github.com/migueltc13/KoTH-Tools

- https://github.com/n0-traces/cve_monitor

- https://github.com/ngyinkit/cve-2019-18634

- https://github.com/nitishbadole/oscp-note-3

- https://github.com/notnue/Linux-Privilege-Escalation

- https://github.com/oscpname/OSCP_cheat

- https://github.com/paras1te-x/CVE-2019-18634

- https://github.com/parth45/cheatsheet

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/pmihsan/Sudo-PwdFeedback-Buffer-Overflow

- https://github.com/ptef/CVE-2019-18634

- https://github.com/r0Security/Linux_Priviledge_Escalation

- https://github.com/retr0-13/Linux-Privilege-Escalation-Basics

- https://github.com/revanmalang/OSCP

- https://github.com/saleemrashid/sudo-cve-2019-18634

- https://github.com/sbonds/custom-inspec

- https://github.com/siddicky/yotjf

- https://github.com/substing/internal_ctf

- https://github.com/testermas/tryhackme

- https://github.com/txuswashere/OSCP

- https://github.com/txuswashere/Pentesting-Linux

- https://github.com/uttambodara/Awesome-Hacking-Learning-Path

- https://github.com/xhref/OSCP

- https://github.com/zhanpengliu-tencent/medium-cve