cve/2019/CVE-2019-18634.md

### [CVE-2019-18634](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

### POC

#### Reference
- http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html
- http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html
- https://seclists.org/bugtraq/2020/Feb/2

#### Github
- https://github.com/0dayhunter/Linux-Privilege-Escalation-Resources
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xT11/CVE-POC
- https://github.com/0xZipp0/OSCP
- https://github.com/0xsyr0/OSCP
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AfvanMoopen/tryhackme-
- https://github.com/CyberSec-Monkey/Zero2H4x0r
- https://github.com/DDayLuong/CVE-2019-18634
- https://github.com/DarkFunct/CVE_Exploits
- https://github.com/Dinesh-999/Hacking_contents
- https://github.com/Drakfunc/CVE_Exploits
- https://github.com/InesMartins31/iot-cves
- https://github.com/Ly0nt4r/OSCP
- https://github.com/N1et/CVE-2019-18634
- https://github.com/Plazmaz/CVE-2019-18634
- https://github.com/R0seSecurity/Linux_Priviledge_Escalation
- https://github.com/Retr0-ll/2023-littleTerm
- https://github.com/Retr0-ll/littleterm
- https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Srinunaik000/Srinunaik000
- https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources
- https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634
- https://github.com/Timirepo/CVE_Exploits
- https://github.com/Y3A/CVE-2019-18634
- https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet
- https://github.com/aesophor/CVE-2019-18634
- https://github.com/brootware/awesome-cyber-security-university
- https://github.com/brootware/cyber-security-university
- https://github.com/catsecorg/CatSec-TryHackMe-WriteUps
- https://github.com/chanbakjsd/CVE-2019-18634
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/sudo-cve-2019-18634
- https://github.com/eljosep/OSCP-Guide
- https://github.com/geleiaa/ceve-s
- https://github.com/go-bi/go-bi-soft
- https://github.com/gurkylee/Linux-Privilege-Escalation-Basics
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/bug-bounty
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/klecko/exploits
- https://github.com/lockedbyte/CVE-Exploits
- https://github.com/lockedbyte/lockedbyte
- https://github.com/migueltc13/KoTH-Tools
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/notnue/Linux-Privilege-Escalation
- https://github.com/oscpname/OSCP_cheat
- https://github.com/pmihsan/Sudo-PwdFeedback-Buffer-Overflow
- https://github.com/ptef/CVE-2019-18634
- https://github.com/retr0-13/Linux-Privilege-Escalation-Basics
- https://github.com/revanmalang/OSCP
- https://github.com/saleemrashid/sudo-cve-2019-18634
- https://github.com/sbonds/custom-inspec
- https://github.com/siddicky/yotjf
- https://github.com/substing/internal_ctf
- https://github.com/testermas/tryhackme
- https://github.com/txuswashere/OSCP
- https://github.com/txuswashere/Pentesting-Linux
- https://github.com/xhref/OSCP