cve/2021/CVE-2021-3156.md

CVE-2021-3156

Description

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

POC

Reference

• http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
• http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
• http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
• http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
• http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
• http://seclists.org/fulldisclosure/2024/Feb/3
• http://www.openwall.com/lists/oss-security/2024/01/30/6
• http://www.openwall.com/lists/oss-security/2024/01/30/8
• https://www.oracle.com//security-alerts/cpujul2021.html
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.oracle.com/security-alerts/cpuoct2021.html

Github

• https://github.com/0day404/vulnerability-poc
• https://github.com/0x4ndy/clif
• https://github.com/0x7183/CVE-2021-3156
• https://github.com/0xStrygwyr/OSCP-Guide
• https://github.com/0xZipp0/OSCP
• https://github.com/0xdevil/CVE-2021-3156
• https://github.com/0xsakthi/my-pentest-notes
• https://github.com/0xsyr0/OSCP
• https://github.com/10cks/intranet-pentest
• https://github.com/1N53C/CVE-2021-3156-PoC
• https://github.com/20142995/sectool
• https://github.com/2lambda123/CVE-mitre
• https://github.com/2lambda123/Falco-bypasses
• https://github.com/2lambda123/Windows10Exploits
• https://github.com/30579096/vCenterVulns
• https://github.com/ARGOeu-Metrics/secmon-probes
• https://github.com/ARGOeu/secmon-probes
• https://github.com/ARPSyndicate/cvemon
• https://github.com/AbdullahRizwan101/Baron-Samedit
• https://github.com/Al1ex/LinuxEelvation
• https://github.com/ArrestX/--POC
• https://github.com/Ashish-dawani/CVE-2021-3156-Patch
• https://github.com/BLACKHAT-SSG/MindMaps2
• https://github.com/BearCat4/CVE-2021-3156
• https://github.com/Bubleh21/CVE-2021-3156
• https://github.com/CVEDB/PoC-List
• https://github.com/CVEDB/awesome-cve-repo
• https://github.com/CVEDB/top
• https://github.com/ClassBluer/Exploit_Tools
• https://github.com/CptGibbon/CVE-2021-3156
• https://github.com/CrackerCat/cve-2021-3157
• https://github.com/CyberCommands/CVE-2021-3156
• https://github.com/CyberCommands/exploit-sudoedit
• https://github.com/DDayLuong/CVE-2021-3156
• https://github.com/DanielAzulayy/CTF-2021
• https://github.com/DanielShmu/OSCP-Cheat-Sheet
• https://github.com/DarkFunct/CVE_Exploits
• https://github.com/Drakfunc/CVE_Exploits
• https://github.com/DrewSC13/Linpeas
• https://github.com/EGI-Federation/SVG-advisories
• https://github.com/EdgeSecurityTeam/Vulnerability
• https://github.com/EvilAnne/2021-Read-article
• https://github.com/Exodusro/CVE-2021-3156
• https://github.com/Floodnut/paper_docs_study
• https://github.com/Floodnut/papers_documents_Analysis
• https://github.com/GhostTroops/TOP
• https://github.com/Gutem/scans-exploits
• https://github.com/HadessCS/Awesome-Privilege-Escalation
• https://github.com/HynekPetrak/HynekPetrak
• https://github.com/JERRY123S/all-poc
• https://github.com/JMontRod/Pruebecita
• https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
• https://github.com/KayCHENvip/vulnerability-poc
• https://github.com/Kiosec/Linux-Exploitation
• https://github.com/Kiprey/Skr_Learning
• https://github.com/Lazykakarot1/Learn-365
• https://github.com/LiveOverflow/pwnedit
• https://github.com/Ly0nt4r/OSCP
• https://github.com/Meowmycks/OSCPprep-Cute
• https://github.com/Meowmycks/OSCPprep-Sar
• https://github.com/Meowmycks/OSCPprep-hackme1
• https://github.com/Mhackiori/CVE-2021-3156
• https://github.com/Miraitowa70/POC-Notes
• https://github.com/Morton-L/BoltWrt
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/NaInSec/CVE-PoC-in-GitHub
• https://github.com/NeQuissimus/nixos-vuln
• https://github.com/Nokialinux/CVE-2021-3156
• https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame
• https://github.com/OrangeGzY/security-research-learning
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/PhuketIsland/CVE-2021-3156-centos7
• https://github.com/PurpleOzone/PE_CVE-CVE-2021-3156
• https://github.com/PwnAwan/MindMaps2
• https://github.com/Q4n/CVE-2021-3156
• https://github.com/RodricBr/CVE-2021-3156
• https://github.com/Ruviixx/proyecto-ps
• https://github.com/Rvn0xsy/CVE-2021-3156-plus
• https://github.com/SPXcz/IC1_projekt
• https://github.com/SYRTI/POC_to_review
• https://github.com/Sabhareesh2002/Cat-picture---Tryhackme
• https://github.com/SamTruss/LMU-CVE-2021-3156
• https://github.com/SantiagoSerrao/ScannerCVE-2021-3156
• https://github.com/Self-Study-Committee/Skr_Learning
• https://github.com/SexyBeast233/SecBooks
• https://github.com/SirElmard/ethical_hacking
• https://github.com/Spektrainfiniti/MP
• https://github.com/TheFlash2k/CVE-2021-3156
• https://github.com/TheSerialiZator/CTF-2021
• https://github.com/Threekiii/Awesome-POC
• https://github.com/Timirepo/CVE_Exploits
• https://github.com/Toufupi/CVE_Collection
• https://github.com/Trivialcorgi/Proyecto-Prueba-PPS
• https://github.com/Whiteh4tWolf/Sudo-1.8.31-Root-Exploit
• https://github.com/Whiteh4tWolf/xcoderootsploit
• https://github.com/WhooAmii/POC_to_review
• https://github.com/Y3A/CVE-2021-3156
• https://github.com/ZTK-009/CVE-2021-3156
• https://github.com/aasphixie/aasphixie.github.io
• https://github.com/abedra/securing_security_software
• https://github.com/ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build
• https://github.com/amanszpapaya/MacPer
• https://github.com/anquanscan/sec-tools
• https://github.com/anukiii/Malware_Project_team3
• https://github.com/apachecn-archive/Middleware-Vulnerability-detection
• https://github.com/apogiatzis/docker-CVE-2021-3156
• https://github.com/arvindshima/CVE-2021-3156
• https://github.com/asepsaepdin/CVE-2021-3156
• https://github.com/axelmierczuk/privesc
• https://github.com/b3nn3tt/Kali-Linux-Setup-Tool
• https://github.com/baka9moe/CVE-2021-3156-Exp
• https://github.com/baka9moe/CVE-2021-3156-TestReport
• https://github.com/barebackbandit/CVE-2021-3156
• https://github.com/bc29ea3c101054baa1429ffc2edba4ae/sigma_detection_rules
• https://github.com/beruangsalju/LocalPrivilegeEscalation
• https://github.com/bijaysenihang/sigma_detection_rules
• https://github.com/binw2018/CVE-2021-3156-SCRIPT
• https://github.com/blackberry/Falco-bypasses
• https://github.com/blasty/CVE-2021-3156
• https://github.com/bollwarm/SecToolSet
• https://github.com/bsauce/kernel-exploit-factory
• https://github.com/bsauce/kernel-security-learning
• https://github.com/capturingcats/CVE-2021-3156
• https://github.com/cbass12321/OSCP-Cheat-Sheets
• https://github.com/chenaotian/CVE-2021-3156
• https://github.com/cyberanand1337x/bug-bounty-2022
• https://github.com/cybercrazetech/Employee-walkthrough
• https://github.com/d3c3ptic0n/CVE-2021-3156
• https://github.com/d4n-sec/d4n-sec.github.io
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/diannaofengzi/datura-ctf
• https://github.com/dinhbaouit/CVE-2021-3156
• https://github.com/direwolf314/prescup_cheatsheet
• https://github.com/donghyunlee00/CVE-2021-3156
• https://github.com/dyne/sud
• https://github.com/e-hakson/OSCP
• https://github.com/eeenvik1/kvvuctf_24
• https://github.com/elbee-cyber/CVE-2021-3156-PATCHER
• https://github.com/eljosep/OSCP-Guide
• https://github.com/fei9747/LinuxEelvation
• https://github.com/felixfu59/shocker-attack
• https://github.com/fkie-cad/nvd-json-data-feeds
• https://github.com/flex0geek/cves-exploits
• https://github.com/foyjog/shocker-attack
• https://github.com/freeFV/CVE-2021-3156
• https://github.com/freitzzz/tpas-binary-exploitation
• https://github.com/gamblingmaster2020/vCenterExp
• https://github.com/gmldbd94/cve-2021-3156
• https://github.com/go-bi/go-bi-soft
• https://github.com/goEnum/goEnum
• https://github.com/goEnumAdmin/goEnum
• https://github.com/greg-workspace/my_sudo_heap_overflow_exploit
• https://github.com/grng3r/rs_exploits
• https://github.com/h0pe-ay/Vulnerability-Reproduction
• https://github.com/hac425xxx/heap-exploitation-in-real-world
• https://github.com/halissha/CVE-2021-3156
• https://github.com/harsh-bothra/learn365
• https://github.com/hilbix/suid
• https://github.com/hktalent/TOP
• https://github.com/hktalent/bug-bounty
• https://github.com/huike007/penetration_poc
• https://github.com/iandrade87br/OSCP
• https://github.com/jbmihoub/all-poc
• https://github.com/jm33-m0/CVE-2021-3156
• https://github.com/joshmcorreia/SDSU_Cyber_Security_Red_Team
• https://github.com/joydo/CVE-Writeups
• https://github.com/k0mi-tg/CVE-POC
• https://github.com/kal1gh0st/CVE-2021-3156
• https://github.com/kaosagnt/ansible-everyday
• https://github.com/kasperyhr/CSCI620_FinalProject
• https://github.com/ker2x/DearDiary
• https://github.com/kernelzeroday/CVE-2021-3156-Baron-Samedit
• https://github.com/kevinnivekkevin/3204_coursework_1
• https://github.com/kgwanjala/oscp-cheatsheet
• https://github.com/kldksd/server
• https://github.com/kotikjaroslav/sigma_detection_rules
• https://github.com/kurniawandata/xcoderootsploit
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/liqimore/ECE9609-Introduction-to-Hacking
• https://github.com/lmol/CVE-2021-3156
• https://github.com/lockedbyte/CVE-Exploits
• https://github.com/lockedbyte/lockedbyte
• https://github.com/lockedbyte/slides
• https://github.com/lognoz/puppet-freebsd-workstation
• https://github.com/loong576/ansible-production-practice-6
• https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
• https://github.com/ltfafei/my_POC
• https://github.com/makoto56/penetration-suite-toolkit
• https://github.com/manas3c/CVE-POC
• https://github.com/mbcrump/CVE-2021-3156
• https://github.com/meowhua15/CVE-2021-3156
• https://github.com/migueltc13/KoTH-Tools
• https://github.com/mitinarseny/hse_facl
• https://github.com/mr-r3b00t/CVE-2021-3156
• https://github.com/mrkronkz/exp
• https://github.com/mstxq17/SecurityArticleLogger
• https://github.com/murchie85/twitterCyberMonitor
• https://github.com/musergi/CVE-2021-3156
• https://github.com/mutur4/CVE-2021-3156
• https://github.com/neolin-ms/LinuxDocLinks
• https://github.com/nexcess/sudo_cve-2021-3156
• https://github.com/nitishbadole/oscp-note-3
• https://github.com/njahrckstr/exploits-
• https://github.com/nobodyatall648/CVE-2021-3156
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/nu11secur1ty/CVE-mitre
• https://github.com/nu11secur1ty/CVE-nu11secur1ty
• https://github.com/nu11secur1ty/Windows10Exploits
• https://github.com/oneoy/CVE-2021-3156
• https://github.com/oneoy/exploits1
• https://github.com/oriolOrnaque/TFG-Binary-exploitation
• https://github.com/oscpname/OSCP_cheat
• https://github.com/password520/CVE-2021-3156
• https://github.com/pathakabhi24/Awesome-C
• https://github.com/pen4uin/awesome-vulnerability-research
• https://github.com/pen4uin/vulnerability-research
• https://github.com/pen4uin/vulnerability-research-list
• https://github.com/perlun/sudo-1.8.3p1-patched
• https://github.com/ph4ntonn/CVE-2021-3156
• https://github.com/pmihsan/Sudo-HeapBased-Buffer-Overflow
• https://github.com/popyue/HackTheBox
• https://github.com/promise2k/OSCP
• https://github.com/puckiestyle/CVE-2021-3156
• https://github.com/pvnovarese/2022-02-enterprise-demo
• https://github.com/pvnovarese/2022-04-enterprise-demo
• https://github.com/pvnovarese/2022-04-suse-demo
• https://github.com/pvnovarese/2022-06-enterprise-demo
• https://github.com/pvnovarese/2022-08-enterprise-demo
• https://github.com/pvnovarese/2022-09-enterprise-demo
• https://github.com/pvnovarese/2023-01-enterprise-demo
• https://github.com/pvnovarese/2023-02-demo
• https://github.com/q77190858/CVE-2021-3156
• https://github.com/qxxxb/ctf_challenges
• https://github.com/r0eXpeR/pentest
• https://github.com/r3k4t/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability
• https://github.com/r4j0x00/exploits
• https://github.com/rahardian-dwi-saputra/TryHackMe-WriteUps
• https://github.com/raulvillalpando/BufferOverflow
• https://github.com/realbugdigger/Vuln-Analysis
• https://github.com/redhawkeye/sudo-exploit
• https://github.com/ret2basic/SudoScience
• https://github.com/revanmalang/OSCP
• https://github.com/reverse-ex/CVE-2021-3156
• https://github.com/rfago/tpas-binary-exploitation
• https://github.com/s1lver-lining/Starlight
• https://github.com/sandesvitor/simple-ansible-lab
• https://github.com/saucer-man/exploit
• https://github.com/scaryPonens/cve_bot
• https://github.com/sereok3/buffer-overflow-writeups
• https://github.com/seyrenus/my-awesome-list
• https://github.com/sharkmoos/Baron-Samedit
• https://github.com/siddicky/yotjf
• https://github.com/skilian-enssat/datura-ctf
• https://github.com/soosmile/POC
• https://github.com/stong/CVE-2021-3156
• https://github.com/stressboi/TA-Samedit
• https://github.com/substing/internal_ctf
• https://github.com/substing/vulnerability_capstone_ctf
• https://github.com/taielab/awesome-hacking-lists
• https://github.com/tainguyenbp/linux-cve
• https://github.com/teamtopkarl/CVE-2021-3156
• https://github.com/teresaweber685/book_list
• https://github.com/thisguyshouldworkforus/ansible
• https://github.com/tnguy21/DDC-Regionals-2024
• https://github.com/trhacknon/Pocingit
• https://github.com/tunjing789/Employee-walkthrough
• https://github.com/txuswashere/OSCP
• https://github.com/tzwlhack/Vulnerability
• https://github.com/uhub/awesome-c
• https://github.com/unauth401/CVE-2021-3156
• https://github.com/usdogu/awesome-stars
• https://github.com/voidlsd/CVE-2021-3156
• https://github.com/weeka10/-hktalent-TOP
• https://github.com/weto91/GitHub_Search_CVE
• https://github.com/whoforget/CVE-POC
• https://github.com/wiiwu959/Pentest-Record
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/worawit/CVE-2021-3156
• https://github.com/wsmaxcy/Cat-Pictures-2-Writeup
• https://github.com/wurwur/CVE-2021-3156
• https://github.com/xhref/OSCP
• https://github.com/xsudoxx/OSCP
• https://github.com/xtaran/sshudo
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/yaunsky/cve-2021-3156
• https://github.com/yifengyou/sudo-1.8.29
• https://github.com/ymrsmns/CVE-2021-3156
• https://github.com/youwizard/CVE-POC
• https://github.com/ypl6/heaplens
• https://github.com/zecool/cve