[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

141116

 
 

909

 
 

114097

 
 

156

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2020-1404 --- sudo

ID: oval:org.secpod.oval:def:1700314Date: (C)2020-03-23   (M)2020-03-23
Class: PATCHFamily: unix




In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. The attacker needs to deliver a long string to the stdin of getln in tgetpass.c.

Platform:
Amazon Linux 2
Product:
sudo
Reference:
ALAS-2020-1404
CVE-2019-18634
CVE    1
CVE-2019-18634

© SecPod Technologies