OracleLinuxELSA-2021-9169

HistoryApr 15, 2021 - 12:00 a.m.

sudo security update

2021-04-1500:00:00

linux.oracle.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

[1.8.6p3-29.0.3.el6_10.3]

Fix a bug on CVE-2021-3156.patch backported from ol7 [Orabug: 32717065]

OSVersionArchitecturePackageVersionFilename
oracle linux6srcsudo< 1.8.6p3-29.0.3.el6_10.3sudo-1.8.6p3-29.0.3.el6_10.3.src.rpm
oracle linux6i686sudo< 1.8.6p3-29.0.3.el6_10.3sudo-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux6i686sudo-devel< 1.8.6p3-29.0.3.el6_10.3sudo-devel-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux6srcsudo< 1.8.6p3-29.0.3.el6_10.3sudo-1.8.6p3-29.0.3.el6_10.3.src.rpm
oracle linux6x86_64sudo< 1.8.6p3-29.0.3.el6_10.3sudo-1.8.6p3-29.0.3.el6_10.3.x86_64.rpm
oracle linux6i686sudo-devel< 1.8.6p3-29.0.3.el6_10.3sudo-devel-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux6x86_64sudo-devel< 1.8.6p3-29.0.3.el6_10.3sudo-devel-1.8.6p3-29.0.3.el6_10.3.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	6	src	sudo	< 1.8.6p3-29.0.3.el6_10.3	sudo-1.8.6p3-29.0.3.el6_10.3.src.rpm
oracle linux	6	i686	sudo	< 1.8.6p3-29.0.3.el6_10.3	sudo-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux	6	i686	sudo-devel	< 1.8.6p3-29.0.3.el6_10.3	sudo-devel-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux	6	src	sudo	< 1.8.6p3-29.0.3.el6_10.3	sudo-1.8.6p3-29.0.3.el6_10.3.src.rpm
oracle linux	6	x86_64	sudo	< 1.8.6p3-29.0.3.el6_10.3	sudo-1.8.6p3-29.0.3.el6_10.3.x86_64.rpm
oracle linux	6	i686	sudo-devel	< 1.8.6p3-29.0.3.el6_10.3	sudo-devel-1.8.6p3-29.0.3.el6_10.3.i686.rpm
oracle linux	6	x86_64	sudo-devel	< 1.8.6p3-29.0.3.el6_10.3	sudo-devel-1.8.6p3-29.0.3.el6_10.3.x86_64.rpm

nessus 51

githubexploit 53

ibm 1

packetstorm 4

altlinux 2

photon 4

avleonov 1

redos 9

zdt 4

ubuntucve 1

redhat 10

oraclelinux 3

osv 5

ubuntu 2

attackerkb 1

suse 1

rapid7blog 3

debian 3

cisa_kev 1

fedora 2

cve 1

cloudlinux 1

almalinux 1

cisa 1

centos 1

f5 1

cisco 1

cert 1

alpinelinux 1

ics 6

virtuozzo 2

paloalto 1

metasploit 1

checkpoint_security 1

veracode 1

qualysblog 2

threatpost 2

mageia 1

redhatcve 1

huawei 1

amazon 2

prion 1

debiancve 1

freebsd 1

slackware 1

exploitdb 2

cloudfoundry 1

archlinux 1

nessus

openSUSE Security Update : sudo (openSUSE-2021-602)

2021-05-18 00:00:00

Photon OS 2.0: Sudo PHSA-2021-2.0-0315

2021-01-29 00:00:00

EulerOS 2.0 SP2 : sudo (EulerOS-SA-2021-1366)

2021-02-22 00:00:00

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-27 20:57:00

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-31 07:01:50

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-30 10:53:26

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

packetstorm

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0315

2021-01-28 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

ROS-2-584

2021-09-08 00:00:00

zdt

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

redhat

(RHSA-2021:0222) Important: sudo security update

2021-01-26 18:59:36

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

(RHSA-2021:0223) Important: sudo security update

2021-01-26 19:00:30

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

osv

CVE-2021-3156

2021-01-26 21:15:12

sudo - security update

2021-01-26 00:00:00

sudo vulnerability

2021-01-27 15:01:20

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

Sudo vulnerabilities

2021-01-26 00:00:00

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

suse

Security update for sudo (important)

2021-04-23 00:00:00

rapid7blog

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

Metasploit Wrap-Up

2021-02-05 19:30:43

Metasploit Wrap-Up

2021-02-26 19:23:43

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:18

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

cve

CVE-2021-3156

2021-01-26 21:15:00

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

almalinux

Important: sudo security update

2021-01-26 18:53:36

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

centos

sudo security update

2021-01-27 00:11:23

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

alpinelinux

CVE-2021-3156

2021-01-26 21:15:00

ics

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Sensormatic Electronics VideoEdge

2021-05-27 12:00:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

threatpost

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

amazon

Important: sudo

2021-01-25 23:09:00

Important: sudo

2021-01-26 00:11:00

prion

Heap overflow

2021-01-26 21:15:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

cloudfoundry

USN-4705-1: Sudo vulnerabilities | Cloud Foundry

2021-02-10 00:00:00

archlinux

[ASA-202101-25] sudo: multiple issues

2021-01-20 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for ELSA-2021-9169