Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2021-3156
Description:Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
Test IDs: 1.3.6.1.4.1.25623.1.0.117187   1.3.6.1.4.1.25623.1.1.4.2021.0227.1   1.3.6.1.4.1.25623.1.1.4.2021.1274.1   1.3.6.1.4.1.25623.1.1.2.2021.1520   1.3.6.1.4.1.25623.1.1.4.2021.1275.1   1.3.6.1.4.1.25623.1.1.2.2021.1390   1.3.6.1.4.1.25623.1.1.4.2021.1267.1   1.3.6.1.4.1.25623.1.0.853606   1.3.6.1.4.1.25623.1.1.4.2021.0225.1   1.3.6.1.4.1.25623.1.1.4.2021.0232.1   1.3.6.1.4.1.25623.1.1.2.2021.1173   1.3.6.1.4.1.25623.1.1.2.2021.1707   1.3.6.1.4.1.25623.1.1.2.2021.1669   1.3.6.1.4.1.25623.1.1.2.2021.1276   1.3.6.1.4.1.25623.1.1.2.2021.1575   1.3.6.1.4.1.25623.1.1.4.2021.0226.1   1.3.6.1.4.1.25623.1.1.4.2021.1273.1   1.3.6.1.4.1.25623.1.0.853585   1.3.6.1.4.1.25623.1.0.878853   1.3.6.1.4.1.25623.1.0.878858   1.3.6.1.4.1.25623.1.1.2.2021.1366   1.3.6.1.4.1.25623.1.1.4.2021.0928.1   1.3.6.1.4.1.25623.1.1.2.2021.1257   1.3.6.1.4.1.25623.1.1.2.2021.1630   1.3.6.1.4.1.25623.1.1.2.2021.1424   1.3.6.1.4.1.25623.1.1.2.2021.1375   1.3.6.1.4.1.25623.1.0.844800   1.3.6.1.4.1.25623.1.0.883317   1.3.6.1.4.1.25623.1.0.117186   1.3.6.1.4.1.25623.1.0.704839   1.3.6.1.4.1.25623.1.1.2.2021.2170  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-3156
CERT/CC vulnerability note: VU#794544
https://www.kb.cert.org/vuls/id/794544
Cisco Security Advisory: 20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
https://kc.mcafee.com/corporate/index?page=content&id=SB10348
https://security.netapp.com/advisory/ntap-20210128-0001/
https://security.netapp.com/advisory/ntap-20210128-0002/
https://support.apple.com/kb/HT212177
https://www.sudo.ws/stable.html#1.9.5p2
https://www.synology.com/security/advisory/Synology_SA_21_02
Debian Security Information: DSA-4839 (Google Search)
https://www.debian.org/security/2021/dsa-4839
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/
http://seclists.org/fulldisclosure/2021/Jan/79
http://seclists.org/fulldisclosure/2021/Feb/42
https://security.gentoo.org/glsa/202101-33
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
https://www.openwall.com/lists/oss-security/2021/01/26/3
https://www.openwall.com/lists/oss-security/2021/01/26/3
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html
http://www.openwall.com/lists/oss-security/2021/01/26/3
http://www.openwall.com/lists/oss-security/2021/01/27/1
http://www.openwall.com/lists/oss-security/2021/01/27/2
http://www.openwall.com/lists/oss-security/2021/02/15/1
http://www.openwall.com/lists/oss-security/2021/09/14/2




© 1998-2021 E-Soft Inc. All rights reserved.