CVE-2019-14287 PoC — Sudo 输入验证错误漏洞

Source

https://github.com/Hasintha-98/Sudo-Vulnerability-Exploit-CVE-2019-14287

Associated Vulnerability

Title:Sudo 输入验证错误漏洞 (CVE-2019-14287)
Description:In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

Readme

# Sudo-Vulnerability-Exploit-CVE-2019-14287

Sudo has been discovered to be unreliable, one of the most significant, powerful, and 
commonly used utilities installed in almost any Unix and Linux based operating system 
as a simple command. A pseudo security policy bypass flaw that allows arbitrary 
commands to be executed on a targeted Linux device by a malicious user or application. 
There must be a non-standard setup for the mistake. Linux machines, in other words, are 
not corrupted by nature. Incorrect users should only use the "Super User Do" command 
while executing commands on a Linux operating system by defining the user ID "-1" to 
execute it as a command source [1]. Insecurity needs a structured setup as demonstrated 
in CVE-2019-14287 but also opens the door to unauthorized users. Using -u # -1 on the 
command line helps users to circumvent the faux error-caused offline cap.

File Snapshot


 [4.0K]  /data/pocs/e33aafa0f293a3008a1a0b37c256fd75dc235b29
├── [207K]  IT19952376_snp.pdf
└── [ 899]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!