### [CVE-2019-18634](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634) ![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) ### Description In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. ### POC #### Reference - http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html - http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html - http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html - http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html - https://seclists.org/bugtraq/2020/Feb/2 - https://seclists.org/bugtraq/2020/Feb/2 #### Github - https://github.com/0dayhunter/Linux-Privilege-Escalation-Resources - https://github.com/0xStrygwyr/OSCP-Guide - https://github.com/0xT11/CVE-POC - https://github.com/0xZipp0/OSCP - https://github.com/0xsyr0/OSCP - https://github.com/ARPSyndicate/cvemon - https://github.com/AfvanMoopen/tryhackme- - https://github.com/CyberSec-Monkey/Zero2H4x0r - https://github.com/DDayLuong/CVE-2019-18634 - https://github.com/DarkFunct/CVE_Exploits - https://github.com/Dinesh-999/Hacking_contents - https://github.com/Drakfunc/CVE_Exploits - https://github.com/DrewSC13/Linpeas - https://github.com/InesMartins31/iot-cves - https://github.com/Ly0nt4r/OSCP - https://github.com/N1et/CVE-2019-18634 - https://github.com/Plazmaz/CVE-2019-18634 - https://github.com/R0seSecurity/Linux_Priviledge_Escalation - https://github.com/Retr0-ll/2023-littleTerm - https://github.com/Retr0-ll/littleterm - https://github.com/RoqueNight/Linux-Privilege-Escalation-Basics - https://github.com/SirElmard/ethical_hacking - https://github.com/Srinunaik000/Srinunaik000 - https://github.com/TCM-Course-Resources/Linux-Privilege-Escalation-Resources - https://github.com/TH3xACE/SUDO_KILLER - https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634 - https://github.com/Timirepo/CVE_Exploits - https://github.com/Y3A/CVE-2019-18634 - https://github.com/ZeusBanda/Linux_Priv-Esc_Cheatsheet - https://github.com/aesophor/CVE-2019-18634 - https://github.com/brootware/awesome-cyber-security-university - https://github.com/brootware/cyber-security-university - https://github.com/catsecorg/CatSec-TryHackMe-WriteUps - https://github.com/chanbakjsd/CVE-2019-18634 - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/e-hakson/OSCP - https://github.com/edsonjt81/sudo-cve-2019-18634 - https://github.com/eljosep/OSCP-Guide - https://github.com/geleiaa/ceve-s - https://github.com/go-bi/go-bi-soft - https://github.com/gurkylee/Linux-Privilege-Escalation-Basics - https://github.com/hectorgie/PoC-in-GitHub - https://github.com/hktalent/bug-bounty - https://github.com/kgwanjala/oscp-cheatsheet - https://github.com/klecko/exploits - https://github.com/lockedbyte/CVE-Exploits - https://github.com/lockedbyte/lockedbyte - https://github.com/migueltc13/KoTH-Tools - https://github.com/nitishbadole/oscp-note-3 - https://github.com/notnue/Linux-Privilege-Escalation - https://github.com/oscpname/OSCP_cheat - https://github.com/pmihsan/Sudo-PwdFeedback-Buffer-Overflow - https://github.com/ptef/CVE-2019-18634 - https://github.com/retr0-13/Linux-Privilege-Escalation-Basics - https://github.com/revanmalang/OSCP - https://github.com/saleemrashid/sudo-cve-2019-18634 - https://github.com/sbonds/custom-inspec - https://github.com/siddicky/yotjf - https://github.com/substing/internal_ctf - https://github.com/testermas/tryhackme - https://github.com/txuswashere/OSCP - https://github.com/txuswashere/Pentesting-Linux - https://github.com/xhref/OSCP