FreeBSD : sudo-rs -- Partial password reveal when password timeout occurs (c1ceaaea-c2e7-11f0-8372-98b78501ef2a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c1ceaaea-c2e7-11f0-8372-98b78501ef2a advisory. Trifecta Tech Foundation reports: When typing partial passwords but not pressing return for a long time...

GHSA-C978-WQ47-PVVW sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

sudo-rs: Partial password reveal is possible after timeout

Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...

CVE-2025-64170

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout

sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...

CVE-2025-64170

CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...

sudo-rs -- Partial password reveal when password timeout occurs

Trifecta Tech Foundation reports: When typing partial passwords but not pressing return for a long time, a password timeout can occur. When this happens, the keys pressed are replayed onto the console...

sudo-rs 安全漏洞

sudo-rs is an open source memory security implementation of sudo and su by Trifecta Tech Foundation. A security vulnerability exists in sudo-rs version 0.2.7 through versions prior to 0.2.10, which stems from the echoing of typed characters after a password timeout, which could lead to partial...

SUSE CVE-2008-3067

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits...