Количество 15
Количество 15
CVE-2019-18634
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
CVE-2019-18634
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
CVE-2019-18634
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
CVE-2019-18634
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users ...
openSUSE-SU-2020:0244-1
Security update for sudo
SUSE-SU-2020:0409-1
Security update for sudo
SUSE-SU-2020:0408-1
Security update for sudo
SUSE-SU-2020:0407-1
Security update for sudo
SUSE-SU-2020:0406-1
Security update for sudo
SUSE-SU-2020:0390-1
Security update for sudo
GHSA-rjv5-9w4p-4jrw
In Sudo through 1.8.29, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
ELSA-2020-0726
ELSA-2020-0726: sudo security update (IMPORTANT)
ELSA-2020-0540
ELSA-2020-0540: sudo security update (IMPORTANT)
ELSA-2020-0487
ELSA-2020-0487: sudo security update (IMPORTANT)
BDU:2020-00855
Уязвимость функции stdin getln программы системного администрирования Sudo, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-18634 In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. | CVSS3: 7.8 | 87% Высокий | около 6 лет назад |
 | CVE-2019-18634 In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. | CVSS3: 7.8 | 87% Высокий | около 6 лет назад |
 | CVE-2019-18634 In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. | CVSS3: 7.8 | 87% Высокий | около 6 лет назад |
| CVE-2019-18634 In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users ... | CVSS3: 7.8 | 87% Высокий | около 6 лет назад |
 | openSUSE-SU-2020:0244-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| SUSE-SU-2020:0409-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| SUSE-SU-2020:0408-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| SUSE-SU-2020:0407-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| SUSE-SU-2020:0406-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| SUSE-SU-2020:0390-1 Security update for sudo | 87% Высокий | почти 6 лет назад | |
| GHSA-rjv5-9w4p-4jrw In Sudo through 1.8.29, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. | 87% Высокий | больше 3 лет назад | |
| ELSA-2020-0726 ELSA-2020-0726: sudo security update (IMPORTANT) | почти 6 лет назад | ||
| ELSA-2020-0540 ELSA-2020-0540: sudo security update (IMPORTANT) | почти 6 лет назад | ||
| ELSA-2020-0487 ELSA-2020-0487: sudo security update (IMPORTANT) | почти 6 лет назад | ||
 | BDU:2020-00855 Уязвимость функции stdin getln программы системного администрирования Sudo, позволяющая нарушителю повысить свои привилегии | CVSS3: 7.8 | 87% Высокий | около 6 лет назад |
Уязвимостей на страницу