[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2020-1404 --- sudo

ID: oval:org.secpod.oval:def:1700314Date: (C)2020-03-23   (M)2023-12-20
Class: PATCHFamily: unix




In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. The attacker needs to deliver a long string to the stdin of getln in tgetpass.c.

Platform:
Amazon Linux 2
Product:
sudo
Reference:
ALAS2-2020-1404
CVE-2019-18634
CVE    1
CVE-2019-18634

© SecPod Technologies