CVE-2021-3156CISA KEV: Actively Exploited

Sudo Heap-Based Buffer Overflow Vulnerability

Published Apr 6, 2022·Updated Apr 6, 2022

Description

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Public Exploits & PoCs64 found

PoC: CVE-2021-3156

Sudo Baron Samedit Exploit

498

PoC: CVE-2021-3156

PoC for CVE-2021-3156 (sudo heap overflow)

433

PoC: CVE-2021-3156-plus

CVE-2021-3156非交互式执行命令

181

PoC: pwnedit

CVE-2021-3156 - Sudo Baron Samedit

180

PoC: CVE-2021-3156

CVE-2021-3156

115

PoC: CVE-2021-3156

Root shell PoC for CVE-2021-3156

102

PoC: clif

clif is a command-line interface (CLI) application fuzzer, pretty much what wfuzz or ffuf are for web. It was inspired by sudo vulnerability CVE-2021-3156 and the fact that for some reasons, Google's afl-fuzz doesn't allow for unlimited argument or option specification.

92

PoC: CVE-2021-3156

CVE-2021-3156: Sudo heap overflow exploit for Debian 10

41

PoC: CVE-2021-3156

Notes regarding CVE-2021-3156: Heap-Based Buffer Overflow in Sudo

41

PoC: CVE-2021-3156-Baron-Samedit

1day research effort

18

PoC: CVE-2021-3156

sudo heap overflow to LPE, in Go

16

PoC: CVE-2021-3156-centos7

利用sudo提权,只针对cnetos7

9

PoC: docker-CVE-2021-3156

A docker environment to research CVE-2021-3156

8

PoC: cve-2021-3156

cve-2021-3156;sudo堆溢出漏洞;漏洞检测

6

PoC: CVE-2021-3156-TestReport

The test report of this exploit.

5

PoC: CVE-2021-3156

Script en python sobre la vulnerabilidad CVE-2021-3156

5

PoC: CVE-2021-3156

CVE-2021-3156 Vagrant Lab

5

PoC: CVE-2021-3156

Exploit generator for sudo CVE-2021-3156

4

PoC: CVE-2021-3156-PATCHER

This simple bash script will patch the recently discovered sudo heap overflow vulnerability.

4

PoC: CVE-2021-3156

Description Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

3

PoC: CVE-2021-3156

复现别人家的CVEs系列

3

PoC: CVE-2021-3156

CVE-2021-3156

3

PoC: heaplens

CMPT733 Cybersecurity Lab II Project: GDB plugin for heap exploits inspired by CVE-2021-3156

2

PoC: CVE-2021-3156

CVE-2021-3156 POC and Docker and Analysis write up

2

PoC: sudo-exploit

CVE-2021-3156 - sudo exploit for ubuntu 18.04 & 20.04

2

PoC: CVE-2021-3156

sudo提权漏洞CVE-2021-3156复现代码

1

PoC: CVE-2021-3156

CVE-2021-3156

1

PoC: CVE-2021-3156

Sudo Heap Overflow Baron Samedit

1

PoC: CVE-2021-3156

CVE-2021-3156漏洞修复Shell

1

PoC: CVE-2021-3156

checking CVE-2021-3156 vulnerability & patch script

1

PoC: CVE-2021-3156-Baron-Samedit

Exploitation and mitigation analysis of CVE-2021-3156 heap-based buffer overflow in sudo

PoC: CVE-2021-3156

Exploiting heap-based buffer overflow in sudo for privilege escalation

PoC: porfolio-Baron-Samedit

this is a study about CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

PoC: CVE-2021-3156

POC for CVE-2021-3156 - Heap-based buffer overflow in sudo

PoC: CVE-2021-3156-Sudo-Buffer-Overflow-Linux

Red Team exploitation of CVE-2021-3156 (Baron Samedit) – Heap Buffer Overflow in Sudo leading to Local Privilege Escalation on Ubuntu 20.04

PoC: CVE-2021-3156-Baron-Samedit

A simple Docker lab and Exploit setup for CVE-2021-3156 - "Baron Samedit".

PoC: cve-2021-3156

fixed version

PoC: cve-2021-3156-sudo-lab

Projeto educacional desenvolvido em Python com foco na análise da vulnerabilidade CVE-2021-3156 (Baron Samedit), uma falha crítica no sudo que permitia elevação de privilégio local em sistemas Linux.

PoC: CVE-Exploit-Research-Development-ITSOLERA

A research regarding the exisiting CVE exploit : CVE-2021-3156(Sudo BufferOverflow)

PoC: Sudo-CVE-2021-3156

Exploit para explotar la vulnerabilidad CVE-2021-3156.

PoC: Review.CVE-2021-3156

CVE-2021-3156-Exploit-Demo

PoC: baron-samedit

This repository contains a Proof-of-Concept (PoC) exploit for the Baron Samedit vulnerability (CVE-2021-3156). The exploit demonstrates privilege escalation on Ubuntu 20.04 with sudo version 1.8.31 and glibc version 2.31. It includes an assembly-based exploit, a shared object payload, and a Makefile for automated compilation.

PoC: CVE-2021-3156-without-ip-command

fork of worawit/CVE-2021-3156 exploit_nss.py modified to work with ifconfig instead of the ip command

PoC: CVE-2021-3156-checker

Checker for CVE-2021-3156 with static version check

PoC: CVE-2021-3156

kernal exploit 3156

PoC: CVE-2021-3156

Forked from @worawit, shorter&optimized. Only works for sudo=1.8.23 on Centos7

PoC: Y3A-CVE-2021-3156

Y3A / CVE-2021-3156

PoC: PE_CVE-CVE-2021-3156

Exploit for Ubuntu 20.04 using CVE-2021-3156 enhanced with post-exploitation scripts

PoC: CVE-2021-3156

Baron SameEdit Heap Overflow LPE 1-Day Exploit

PoC: CVE-2021-3156

🤯 Exploit for sudo heap overflow.

PoC: CVE-2021-3156

Fuzzing, visualization and exploit of sudo vulnerability CVE-2021-3156

PoC: CVE-2021-3156

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

PoC: CVE-2021-3156

Exploit for CVE-2021-3156

PoC: SudoScience

CVE-2021-3156 deep dive.

PoC: Baron-Samedit

Exploit and Demo system for CVE-2021-3156

PoC: CVE-2021-3156

CVE-2021-3156 exploit

PoC: CVE-2021-3156

Sudo heap-based buffer overflow privilege escalation commands and mitigations.

PoC: how-to-solve-sudo-heap-based-bufferoverflow-vulnerability

How to solve Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156?

PoC: cve-2021-3156

보안취약점 확인

PoC: sudo-1.8.3p1-patched

Custom version of sudo 1.8.3p1 with CVE-2021-3156 patches applied

PoC: CTF-2021

CTF for HDE 64 students at See Security College. Exploit a JWT (web part) & CVE-2021-3156 (LPE part).

PoC: CVE-2021-3156-Patch

Patch Script for CVE-2021-3156 Heap Overflow

PoC: CVE-2021-3156

a simple script to patch CVE-2021-3156 (heap based buffer overflow via sudo).

PoC: CVE-2021-3156

CVE-2021-3156

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free