CVE-2021-3156 PoC — Sudo 缓冲区错误漏洞

Source

https://github.com/SantiagoSerrao/ScannerCVE-2021-3156

Associated Vulnerability

Title:Sudo 缓冲区错误漏洞 (CVE-2021-3156)
Description:Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Readme

# ScannerCVE-2021-3156
Script para escanear una lista de host donde es posible saber si se es vulnerable al cve 2021-3156 En caso de no ser vulnerable la salida es la siguiente:

sudoedit: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper sudoedit: se requiere una contraseña

Puede ser configurado y cambiado para que no pida contraseña cada vez que hace la conexion a cada servidor

Testeado en Ubuntu

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →