4723 matches found
Linux Sudo Privilege Escalation (Out-of-bounds Write)
Binary data linuxcve-2021-3156.nbin...
SUSE SLED15 / SLES15 Security Update : avahi (SUSE-SU-2021:0551-1)
This update for avahi fixes the following issues : CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827) Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. Add sudo to requires: used to drop privileges. Note that...
SUSE-SU-2021:0551-1 Security update for avahi
This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh (bsc#1180827) - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Add sudo to requires: used to drop privileges...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 PoC Introduction This is an exploit for the...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1366)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1375)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EulerOS 2.0 SP3 : sudo (EulerOS-SA-2021-1375)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while...
EulerOS 2.0 SP2 : sudo (EulerOS-SA-2021-1366)
According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via 'sudoedit -s' and a command-line argument that ends wi...
Klog Server 2.4.1 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server authenticate.php user Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injectio...
Klog Server authenticate.php user Unauthenticated Command Injection
This module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the shell_exec() PHP function without appropriate input validation, allowing arbitrary command execution as the...
macOS 10.14.x < 10.14.6 Security Update 2021-002 / 10.15.x < 10.15.7 Supplemental Update / macOS 11.x < 11.2.1 (HT212177)
The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.6 Security Update 2021-002 (Mojave), 10.15.x prior to 10.15.7 Supplemental Update (Catalina), or 11.x prior to 11.2.1 (Big Sur). It is, therefore, affected by multiple vulnerabilities, including the following: - An...
Informational: Impact of Sudo Vulnerability CVE-2021-3156
Palo Alto Networks Product Security Assurance team has evaluated the Sudo software vulnerability CVE-2021-3156. PAN-OS software, Prisma Cloud compute, and Prisma SD-WAN CloudGenix devices do not include the Sudo program and, therefore, no scenarios required for successful exploitation exist in...
Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug
Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue...
USN-4705-1: Sudo vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 sudo he...
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002
About the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 This document describes the security content of macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security...
Linux sudo Privilege Escalation Vulnerability (direct check)
Binary data linuxcve-2019-14287.nbin...