Lucene search
+L

151 matches found

openvas
openvas
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:0232-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.99295EPSS
Exploits82References7
gitee
gitee
added 2021/03/19 2:43 p.m.5 views

Exploit for Off-by-one Error in Sudo_Project Sudo

PoC exploit for CVE-2021-3156, a heap overflow vulnerability in sudoedit. The target product/service is sudoedit, a command-line utility for editing files with superuser privileges. The vulnerability class/vector is a heap overflow, which can lead to a privilege escalation LPE. The probable entry...

7.8CVSS8.2AI score0.99295EPSS
Exploits81
githubexploit
githubexploit
added 2021/03/19 2:6 p.m.152 views

Exploit for Off-by-one Error in Sudo_Project Sudo

Título del Proyecto Generador de exploit para CVE-2021-3156 s...

7.8CVSS7.9AI score0.99295EPSS
Exploits81
cloudfoundry
cloudfoundry
added 2021/02/10 12:0 a.m.83 views

USN-4705-1: Sudo vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator...

7.8CVSS6.9AI score0.99295EPSS
Exploits82Affected Software3
openvas
openvas
added 2021/02/02 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1173)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.99295EPSS
Exploits83References4
githubexploit
githubexploit
added 2021/01/27 8:57 p.m.61 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Ansible role patches CVE-2021-3156 for Cent...

7.8CVSS7.8AI score0.99295EPSS
Exploits81
osv
osv
added 2021/01/27 7:25 a.m.10 views

OPENSUSE-SU-2021:0170-1 Security update for sudo

This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges bsc1181090,CVE-2021-3156 - It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit...

7.8CVSS6.6AI score0.99295EPSS
Exploits83References8
osv
osv
added 2021/01/27 7:24 a.m.8 views

OPENSUSE-SU-2021:0169-1 Security update for sudo

This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges bsc1181090,CVE-2021-3156 - It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit...

7.8CVSS6.6AI score0.99295EPSS
Exploits83References8
osv
osv
added 2021/01/26 9:15 p.m.5 views

ALPINE-CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...

7.8CVSS7.4AI score0.99295EPSS
Exploits81References1
osv
osv
added 2021/01/26 6:48 p.m.4 views

USN-4705-1 sudo vulnerabilities

It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. CVE-2021-3156 It was discovered that the Sudo sudoedit utility incorrectly handled checking directory...

7.8CVSS6.7AI score0.99295EPSS
Exploits82References3
ubuntu
ubuntu
added 2021/01/26 6:48 p.m.312 views

USN-4705-1: Sudo vulnerabilities

It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. CVE-2021-3156 It was discovered that the Sudo sudoedit utility incorrectly handled checking directory...

7.8CVSS7AI score0.99295EPSS
Exploits82
osv
osv
added 2021/01/26 6:23 p.m.8 views

SUSE-SU-2021:0227-1 Security update for sudo

This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges bsc1181090,CVE-2021-3156 - It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit...

7.8CVSS6.6AI score0.99295EPSS
Exploits83References8
osv
osv
added 2021/01/26 6:0 p.m.3 views

UBUNTU-CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character...

7.8CVSS7AI score0.99295EPSS
Exploits81References5
attackerkb
attackerkb
added 2021/01/26 12:0 a.m.231 views

CVE-2021-3156 "Baron Samedit"

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Recent assessments: cdelafuente-r7 at January 27, 2021 3:40pm UTC...

8.4CVSS8.9AI score0.99295EPSS
In wildExploits86References39
mscve
mscve
added 2021/01/20 8:0 a.m.3 views

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

...

2.5CVSS7AI score0.01029EPSS
Exploits1
mscve
mscve
added 2021/01/15 8:0 a.m.4 views

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

...

7.8CVSS7AI score0.01066EPSS
Exploits1
veracode
veracode
added 2021/01/12 9:16 p.m.27 views

Information Disclosure

sudo is vulnerable to information disclosure. The sudoedit personality allows a local unprivileged user to determine the existence of an arbitrary directory by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...

2.5CVSS3.6AI score0.01029EPSS
Exploits1References10Affected Software7
nvd
nvd
added 2021/01/12 9:15 a.m.16 views

CVE-2021-23240

selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...

7.8CVSS7.9AI score0.01066EPSS
Exploits1References8
osv
osv
added 2021/01/12 9:15 a.m.0 views

DEBIAN-CVE-2021-23239

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudoedit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path...

2.5CVSS6.5AI score0.01029EPSS
Exploits1References1
osv
osv
added 2021/01/12 9:15 a.m.1 views

DEBIAN-CVE-2021-23240

selinuxeditcopytfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not...

7.8CVSS7.8AI score0.01066EPSS
Exploits1References1
Rows per page
Query Builder