关联漏洞
标题:
Sudo 安全漏洞
(CVE-2023-22809)
描述:Sudo是一款使用于类Unix系统的,允许用户通过安全的方式使用特殊的权限执行命令的程序。 1.9.12p2 之前的 Sudo存在安全漏洞,该漏洞源于sudoedit(又名 -e)功能错误处理用户提供的环境变量(SUDO_EDITOR、VISUAL 和 EDITOR)中传递的额外参数,从而允许本地攻击者将任意条目附加到要处理的文件列表中 . 这可能导致特权升级。
介绍
# patch_CVE-2023-22809
Bash Script: sudo Installation
This Bash script automates the installation of the latest version of `sudo` on your system.
Prerequisites
- Linux-based operating system
- `wget` package installed (can be installed using the package manager)
Usage
1. Clone or download this repository to your local machine.
2. Navigate to the directory containing the script.
3. Open a terminal in the script's directory.
4. Make the script executable with the following command:
```bash
chmod +x CVE-2023-22809Patch.sh
Run the script with elevated privileges:
bash
Copy code
sudo ./install_sudo.sh
The script will download the latest version of sudo from the specified URL and install it on your system. The URL can be modified to point to a different source if needed. Once the installation is complete, you can use sudo with the updated version.
文件快照
[4.0K] /data/pocs/c1b08f1dca25ac602b5229db98693ba2353c5bb2
├── [ 447] CVE-2023-22809Patch.sh
└── [ 866] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。