4723 matches found
Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution
Summary: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution. Vulnerability Details: CVEID: CVE-2021-3156. DESCRIPTION: Sudo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when parsing command line arguments. By sending an "sudoedit -s" and a...
VestaCP elevation of privilege vulnerability (CNVD-2021-28371)
VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...
CVE-2021-30462
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...
Design/Logic Flaw
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts...
Vesta Control Panel access control error vulnerability
VestaCP is an open source hosting control panel that can be used to manage multiple websites, create and manage email accounts, FTP accounts and MySQL databases, and manage DNS records. An elevation of privilege vulnerability exists in VestaCP 0.9.8-24 and earlier versions. The vulnerability stem...
Exploit for OS Command Injection in Raspap
CVE-2020-24572-POC An issue was discovered in includes/webcons...
SUSE SLES12 Security Update : sudo (SUSE-SU-2021:0928-1)
This update for sudo fixes the following issues : Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 bsc1181090 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...
SUSE-SU-2021:0928-1 Security update for sudo
This update for sudo fixes the following issues: - Fixed a potential crash on exit as a result of the fix of CVE-2021-3156 bsc1181090...
EulerOS 2.0 SP5 : sudo (EulerOS-SA-2021-1707)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1707)
The remote host is missing an update for the Huawei EulerOS...
Exploit for Off-by-one Error in Sudo_Project Sudo
Project Title Exploit generator for CVE-2021-3156 s...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a Python script repository for exploiting the CVE-2021-3156 vulnerability in sudo. The vulnerability is a heap-based overflow in the sudo package, which can be exploited to gain root privileges. The repository contains several exploit scripts, each targeting a specific version of the sudo...
Exploit for Off-by-one Error in Sudo_Project Sudo
This is a PoC exploit for CVE-2021-3156, a heap-based overflow vulnerability in sudo. The exploit is written in C and uses a combination of techniques to achieve arbitrary code execution. The exploit creates a shared library libnssX/P0PSH3LLZ .so.2 that is loaded by sudo, which contains a buffer...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 Sudo Baron Samedit This repository is CVE-202...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1669)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1627)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1657)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1630)
The remote host is missing an update for the Huawei EulerOS...