CVE-2023-22809 PoC — Sudo 安全漏洞

Source

https://github.com/hello4r1end/patch_CVE-2023-22809

Associated Vulnerability

Title:Sudo 安全漏洞 (CVE-2023-22809)
Description:Sudo是一款使用于类Unix系统的，允许用户通过安全的方式使用特殊的权限执行命令的程序。 1.9.12p2 之前的 Sudo存在安全漏洞，该漏洞源于sudoedit（又名 -e）功能错误处理用户提供的环境变量（SUDO_EDITOR、VISUAL 和 EDITOR）中传递的额外参数，从而允许本地攻击者将任意条目附加到要处理的文件列表中 . 这可能导致特权升级。

Readme

# patch_CVE-2023-22809

Bash Script: sudo Installation

This Bash script automates the installation of the latest version of `sudo` on your system.

Prerequisites

- Linux-based operating system
- `wget` package installed (can be installed using the package manager)


Usage
1. Clone or download this repository to your local machine.
2. Navigate to the directory containing the script.
3. Open a terminal in the script's directory.
4. Make the script executable with the following command:
   ```bash
   chmod +x CVE-2023-22809Patch.sh
Run the script with elevated privileges:
bash
Copy code
sudo ./install_sudo.sh
The script will download the latest version of sudo from the specified URL and install it on your system. The URL can be modified to point to a different source if needed. Once the installation is complete, you can use sudo with the updated version.

File Snapshot


 [4.0K]  /data/pocs/c1b08f1dca25ac602b5229db98693ba2353c5bb2
├── [ 447]  CVE-2023-22809Patch.sh
└── [ 866]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!