Lucene search
K

4730 matches found

Metasploit
Metasploit
added 2021/02/04 5:42 p.m.164 views

Sudo Heap-Based Buffer Overflow

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations...

7.8CVSS7.9AI score0.99295EPSS
Exploits81
CERT
CERT
added 2021/02/04 12:0 a.m.130 views

Sudo set_cmd() is vulnerable to heap-based buffer overflow

Overview A heap-based overflow has been discovered in the setcmd function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. Description From the Sudo Main Page: Sudo su "do" allows a system administrator to delegate authority to give certain use...

7.8CVSS8.2AI score0.99295EPSS
Exploits81References3
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.15 views

EulerOS 2.0 SP5 : cifs-utils (EulerOS-SA-2021-1183)

According to the version of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary...

7CVSS6.4AI score0.00652EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2021/02/03 7:57 p.m.151 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Root shell PoC for CVE-2021-3156 no brutef...

7.8CVSS7.8AI score0.99295EPSS
Exploits81
RedHat Linux
RedHat Linux
added 2021/02/03 4:14 p.m.5 views

sudo: Heap buffer overflow in argument parsing

A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command by default, any local user can execute sudo without authentication. Successful exploitation of this flaw coul...

7.8CVSS7.1AI score0.99295EPSS
Exploits81References8
RedHat Linux
RedHat Linux
added 2021/02/03 4:14 p.m.226 views

Important: Red Hat Security Advisory: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4]

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

7.8CVSS7.2AI score0.99295EPSS
Exploits83References14
RedHat Linux
RedHat Linux
added 2021/02/03 10:39 a.m.5 views

sudo: Heap buffer overflow in argument parsing

A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command by default, any local user can execute sudo without authentication. Successful exploitation of this flaw coul...

7.8CVSS7.1AI score0.99295EPSS
Exploits81References8
RedHat Linux
RedHat Linux
added 2021/02/03 10:39 a.m.155 views

Important: Red Hat Security Advisory: RHV-H security, bug fix, enhancement update (redhat-virtualization-host) 4.3.13

An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.2AI score0.99295EPSS
Exploits83References9
GithubExploit
GithubExploit
added 2021/02/03 9:48 a.m.56 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE 2021-3156 How to pwn py...

7.8CVSS7.7AI score0.99295EPSS
Exploits81
Packet Storm
Packet Storm
added 2021/02/03 12:0 a.m.343 views

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Date: 2021-02-02 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE :...

1AI score0.99295EPSS
Exploits81
Tenable Nessus
Tenable Nessus
added 2021/02/03 12:0 a.m.43 views

RHEL 8 : Red Hat Virtualization Host security update [ovirt-4.4.4] (Important) (RHSA-2021:0401)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0401 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...

7.8CVSS7.2AI score0.99295EPSS
Exploits83References19
Exploit DB
Exploit DB
added 2021/02/03 12:0 a.m.555 views

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 2 Authors and Contributors: cts, help from r4j, debug by nu11secur1ty Date: 30.01.2021 Vendor: https://www.sudo.ws/ Link: https://www.sudo.ws/download.html CVE: CVE-2021-3156 + Source:...

7.8CVSS8.6AI score0.99295EPSS
Exploits81
Exploit DB
Exploit DB
added 2021/02/03 12:0 a.m.283 views

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Date: 2021-02-02 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE :...

7.8CVSS8.6AI score0.99295EPSS
Exploits81
Wiz blog
Wiz blog
added 2021/02/02 1:0 p.m.9 views

Recent Linux sudo vulnerability affects a major percent of cloud workloads

With an estimated 90% of cloud workloads running Linux based OS, with sudo being common across distributions, many Linux cloud assets are at risk and may be affected. Versions released as far back as 2011 are affected by this vulnerability...

6.9AI score
Exploits0
CISA
CISA
added 2021/02/02 12:0 a.m.100 views

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

Sudo has released an advisory addressing a heap-based buffer overflow vulnerability—CVE-2021-3156—affecting sudo legacy versions 1.8.2 through 1.8.31p2 and stable versions 1.9.0 through 1.9.5p1. Sudo is a utility included in many Unix- and Linux-based operating systems that allows a user to run...

7.2CVSS3.5AI score0.99295EPSS
Exploits81References3
OpenVAS
OpenVAS
added 2021/02/02 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1173)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.99295EPSS
Exploits83References4
Gitee
Gitee
added 2021/02/01 10:21 p.m.14 views

Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo

PoC exploit for CVE-2019-14287, a vulnerability in Sudo before 1.8.28. The exploit targets the ability of an attacker with access to a Runas ALL sudoer account to bypass certain policy blacklists and session PAM modules, and cause incorrect logging, by invoking sudo with a crafted user ID. The...

9CVSS8.1AI score0.63917EPSS
Exploits10
Gitee
Gitee
added 2021/02/01 9:54 p.m.7 views

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a PoC exploit for CVE-2021-3156, a heap-based overflow vulnerability in sudo. The exploit is a C program that creates a shared library libnssX/P0PSH3LLZ.so.2 that overflows the heap when sudoedit is called. The exploit can be built using the provided Makefile and run using the...

7.8CVSS7.8AI score0.99295EPSS
Exploits81
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.34 views

CentOS 8 : sudo (CESA-2020:1804)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:1804 advisory. - sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user CVE-2019-19232 Note that Nessus has not tested for this issue but...

7.5CVSS6.4AI score0.03295EPSS
Exploits0References2
0day.today
0day.today
added 2021/02/01 12:0 a.m.62 views

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE : CVE-2021-3156 Credit...

7.8CVSS8.2AI score0.99295EPSS
Exploits81
Rows per page
Query Builder