Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchsudo< 1.9.5_p2-r0UNKNOWN
Alpine3.10-mainnoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.11-mainnoarchsudo< 1.8.31-r1UNKNOWN
Alpine3.12-mainnoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.13-mainnoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.14-mainnoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.15-mainnoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.16-communitynoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.17-communitynoarchsudo< 1.9.5p2-r0UNKNOWN
Alpine3.18-communitynoarchsudo< 1.9.5p2-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	sudo	< 1.9.5_p2-r0	UNKNOWN
Alpine	3.10-main	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.11-main	noarch	sudo	< 1.8.31-r1	UNKNOWN
Alpine	3.12-main	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.13-main	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.14-main	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.15-main	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.16-community	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.17-community	noarch	sudo	< 1.9.5p2-r0	UNKNOWN
Alpine	3.18-community	noarch	sudo	< 1.9.5p2-r0	UNKNOWN

Rows per page:

1-10 of 121

nessus 43

oraclelinux 4

virtuozzo 2

paloalto 1

rapid7blog 2

osv 4

f5 1

cert 1

cisa 1

cisco 1

redhat 10

centos 1

ics 6

metasploit 1

githubexploit 53

openvas 21

almalinux 1

ibm 1

photon 2

avleonov 1

packetstorm 4

altlinux 2

ubuntucve 1

zdt 4

ubuntu 1

redos 2

fedora 2

suse 1

debian 3

attackerkb 1

cisa_kev 1

cloudlinux 1

cve 1

threatpost 2

prion 1

cvelist 1

freebsd 1

debiancve 1

slackware 1

amazon 2

checkpoint_security 1

veracode 1

qualysblog 2

redhatcve 1

mageia 1

huawei 1

exploitdb 2

nessus

OracleVM 3.4 : sudo (OVMSA-2021-0012)

2021-06-10 00:00:00

RHEL 7 : sudo (RHSA-2021:0224)

2021-01-27 00:00:00

Amazon Linux 2 : sudo (ALAS-2021-1590)

2021-01-26 00:00:00

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

rapid7blog

Metasploit Wrap-Up

2021-02-05 19:30:43

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

osv

sudo vulnerability

2021-01-27 15:01:20

CVE-2021-3156

2021-01-26 21:15:12

sudo - security update

2021-01-26 00:00:00

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

redhat

(RHSA-2021:0218) Important: sudo security update

2021-01-26 18:53:36

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

(RHSA-2021:0222) Important: sudo security update

2021-01-26 18:59:36

centos

sudo security update

2021-01-27 00:11:23

ics

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Exacq Technologies exacqVision

2021-04-29 12:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-03-19 14:06:09

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-28 02:20:24

Exploit for Off-by-one Error in Sudo Project Sudo

2023-09-05 14:06:26

openvas

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-2170)

2021-07-07 00:00:00

Sudo Heap-Based Buffer Overflow Vulnerability (Baron Samedit) - Active Check

2021-01-27 00:00:00

Debian: Security Advisory (DLA-2534-1)

2021-01-27 00:00:00

almalinux

Important: sudo security update

2021-01-26 18:53:36

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

packetstorm

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

zdt

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

suse

Security update for sudo (important)

2021-04-23 00:00:00

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:34

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

cve

CVE-2021-3156

2021-01-26 21:15:00

threatpost

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

prion

Heap overflow

2021-01-26 21:15:00

cvelist

CVE-2021-3156

2021-01-26 00:00:00

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

amazon

Important: sudo

2021-01-26 00:11:00

Important: sudo

2021-01-25 23:09:00

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.97 High

EPSS

Percentile

99.7%

JSON

Related for ALPINE:CVE-2021-3156