Sudo before 1.9.5p2 contains an off-by-one error that can result in a
heap-based buffer overflow, which allows privilege escalation to root via
“sudoedit -s” and a command-line argument that ends with a single backslash
character.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchsudo< 1.8.21p2-3ubuntu1.4UNKNOWN
ubuntu20.04noarchsudo< 1.8.31-1ubuntu1.2UNKNOWN
ubuntu20.10noarchsudo< 1.9.1-1ubuntu1.1UNKNOWN
ubuntu14.04noarchsudo< 1.8.9p5-1ubuntu1.5+esm6UNKNOWN
ubuntu16.04noarchsudo< 1.8.16-0ubuntu1.10UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	sudo	< 1.8.21p2-3ubuntu1.4	UNKNOWN
ubuntu	20.04	noarch	sudo	< 1.8.31-1ubuntu1.2	UNKNOWN
ubuntu	20.10	noarch	sudo	< 1.9.1-1ubuntu1.1	UNKNOWN
ubuntu	14.04	noarch	sudo	< 1.8.9p5-1ubuntu1.5+esm6	UNKNOWN
ubuntu	16.04	noarch	sudo	< 1.8.16-0ubuntu1.10	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2021-3156

nvd.nist.gov/vuln/detail/CVE-2021-3156

security-tracker.debian.org/tracker/CVE-2021-3156

ubuntu.com/security/notices/USN-4705-1

ubuntu.com/security/notices/USN-4705-2

www.cve.org/CVERecord?id=CVE-2021-3156

nessus 43

githubexploit 53

osv 4

rapid7blog 2

attackerkb 1

suse 1

debian 3

fedora 2

cve 1

openvas 21

zdt 4

redhat 10

cisa_kev 1

cloudlinux 1

oraclelinux 4

ibm 1

photon 2

avleonov 1

packetstorm 4

altlinux 2

ubuntu 1

redos 2

centos 1

alpinelinux 1

cert 1

f5 1

ics 6

cisa 1

cisco 1

virtuozzo 2

paloalto 1

metasploit 1

almalinux 1

checkpoint_security 1

veracode 1

qualysblog 2

amazon 2

threatpost 2

redhatcve 1

huawei 1

mageia 1

prion 1

cvelist 1

freebsd 1

debiancve 1

slackware 1

exploitdb 2

nessus

SUSE SLES12 Security Update : sudo (SUSE-SU-2021:1267-1)

2021-04-21 00:00:00

RHEL 8 : sudo (RHSA-2021:0219)

2021-01-27 00:00:00

SUSE SLES12 Security Update : sudo (SUSE-SU-2021:0928-1)

2021-03-26 00:00:00

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-30 03:22:04

Exploit for Off-by-one Error in Sudo Project Sudo

2021-02-03 08:36:01

Exploit for Off-by-one Error in Mcafee Web Gateway

2021-02-03 11:27:52

osv

sudo - security update

2021-01-26 00:00:00

CVE-2021-3156

2021-01-26 21:15:12

sudo vulnerability

2021-01-27 15:01:20

rapid7blog

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

Metasploit Wrap-Up

2021-02-05 19:30:43

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

suse

Security update for sudo (important)

2021-04-23 00:00:00

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:52

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:34

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

cve

CVE-2021-3156

2021-01-26 21:15:00

openvas

Fedora: Security Advisory for sudo (FEDORA-2021-2cb63d912a)

2021-01-27 00:00:00

Mageia: Security Advisory (MGASA-2021-0056)

2022-01-28 00:00:00

Fedora: Security Advisory for sudo (FEDORA-2021-8840cbdccd)

2021-01-29 00:00:00

zdt

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

redhat

(RHSA-2021:0223) Important: sudo security update

2021-01-26 19:00:30

(RHSA-2021:0221) Important: sudo security update

2021-01-26 18:54:37

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

packetstorm

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

centos

sudo security update

2021-01-27 00:11:23

alpinelinux

CVE-2021-3156

2021-01-26 21:15:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

ics

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics VideoEdge

2021-05-27 12:00:00

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

almalinux

Important: sudo security update

2021-01-26 18:53:36

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

amazon

Important: sudo

2021-01-25 23:09:00

Important: sudo

2021-01-26 00:11:00

threatpost

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

prion

Heap overflow

2021-01-26 21:15:00

cvelist

CVE-2021-3156

2021-01-26 00:00:00

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.97 High

EPSS

Percentile

99.7%

JSON

Related for UB:CVE-2021-3156