Skip to content
/ CVE-2019-18634 Public

A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc

dylankatz.com/analysis-of-cve-2019-18634/
57 stars 19 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Plazmaz/CVE-2019-18634

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
src
src
 
 
README.md
README.md
 
 
self-contained.sh
self-contained.sh
 
 

Repository files navigation

CVE-2019-18634

⚠️ This code has only been tested on sudo 1.8.25. The bug impacts <1.8.30, but there are differences in character handling that prevent this PoC from executing (this does not mitigate the exploitability of the bug). See #1 ⚠️

Functional exploit for CVE-2019-18634, a heap buffer overflow that leads to privilege escalation on sudo <=1.8.30 if pwfeedback is enabled.
https://dylankatz.com/Analysis-of-CVE-2019-18634/
This repo contains both a single-file script (self-contained.sh), and the scripts used to generate it (under src)
Thanks to yuu and Anonymous_ for help in developing this exploit and these scripts.
Credit to Joe Vennix and William Bowling for the original discovery of the bug and the information on exploiting through 1.8.30.

About

A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc

dylankatz.com/Analysis-of-CVE-2019-18634/

Resources

Readme
Activity

Stars

57 stars

Watchers

5 watching

Forks

19 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages