Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-3156 PoC — Sudo 缓冲区错误漏洞

Source
https://github.com/SantiagoSerrao/ScannerCVE-2021-3156
Associated Vulnerability
Title:Sudo 缓冲区错误漏洞 (CVE-2021-3156)
Description:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.5p2 之前版本存在缓冲区错误漏洞,攻击者可使用sudoedit -s和一个以单个反斜杠字符结束的命令行参数升级到root。
Readme
# ScannerCVE-2021-3156
Script para escanear una lista de host donde es posible saber si se es vulnerable al cve 2021-3156 En caso de no ser vulnerable la salida es la siguiente:

sudoedit: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper sudoedit: se requiere una contraseña

Puede ser configurado y cambiado para que no pida contraseña cada vez que hace la conexion a cada servidor

Testeado en Ubuntu
File Snapshot

 [4.0K]  /data/pocs/7f6f3dea909ece4fd0762a6fc7b91448f788a1df
├── [ 952]  CVE-2021-3156.py
├── [ 34K]  LICENSE
└── [ 485]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.