Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-3156 PoC — Sudo 缓冲区错误漏洞

Source
https://github.com/ph4ntonn/CVE-2021-3156
Associated Vulnerability
Title:Sudo 缓冲区错误漏洞 (CVE-2021-3156)
Description:Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Description
CVE-2021-3156
Readme
# CVE-2021-3156

## 概述

Heap-based buffer overflow in Sudo (CVE-2021-3156)

由于```sudo```转义```\```不当而造成的堆溢出漏洞,LPE

## 影响范围

从1.8.2到1.8.31p2的所有版本

从1.9.0到1.9.5p1的所有稳定版本

## 检测命令

```sudoedit -s '\' `perl -e 'print "A" x 65536'```

如果出现类似```Segmentation fault (core dumped)```即表明存在漏洞

## 相关文献

https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

## 分析

先占个坑,正在调试分析中,等分析完写完blog贴链接
File Snapshot

 [4.0K]  /data/pocs/e5fad9d2e667c972f156a84128c3d00fcc05e03b
└── [ 582]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →