what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed


Sudo Buffer Overflow / Privilege Escalation
Posted Feb 1, 2021
Authored by nu11secur1ty, Ventsislav Varbanovski, r4j, cts | Site nu11secur1ty.com

Sudo versions prior to 1.9.5p2 suffer from buffer overflow and privilege escalation vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2021-3156
MD5 | c0008b896a425c3f34261956bc495cb7

Related Files

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow
Posted Feb 5, 2021
Authored by Blasty, Spencer McIntyre, Qualys Security Advisory, bwatters-r7, Alexander Krog | Site metasploit.com

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker controlled library which results in it being loaded with the elevated privileges held by sudo.

tags | exploit, overflow, local
advisories | CVE-2021-3156
MD5 | 5a520123546e73d450b7fef8df23c9de
Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation
Posted Feb 3, 2021
Authored by West Shepherd, Baron Samedit, Stephen Tong

Sudo version 1.9.5p1 Baron Samedit heap-based buffer overflow and privilege escalation exploit.

tags | exploit, overflow
advisories | CVE-2021-3156
MD5 | 06abe878c8e1c4839b5ad21bf99c0808
Sudo 1.8.25p Buffer Overflow
Posted Feb 4, 2020
Authored by Joe Vennix

Sudo version 1.8.25p suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2019-18634
MD5 | 233691530ff76c01d3ab563e31879327
sudo 1.8.28 Security Bypass
Posted Oct 15, 2019
Authored by joev, Mohin Paramasivam

sudo version 1.8.28 suffers from a security bypass vulnerability.

tags | exploit, bypass
MD5 | 6156d8a204112f3740a39ba32ccb9066
Docker Sudo Privilege Escalation
Posted Jan 18, 2018
Authored by Pype

If a user has sudo permissions to /usr/bin/docker, it can be leveraged to escalated privileges to root.

tags | exploit, root
MD5 | 52de940cff9cf249313f9f59cec9e950
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
MD5 | c576a86d9ee4a93abc0dde1445edcab8
Todd Miller sudoedit Root Exploit
Posted Mar 3, 2010
Authored by Kingcope

Todd Miller sudo 'sudoedit' local root exploit that affects 1.6.x versions before 1.6.9p21 and 1.7.x versions before 1.7.2p4.

tags | exploit, local, root
MD5 | 60d786b17fad28be13d0a0d2dab5ae2c
SudoSH 3.2.0
Posted Dec 1, 2009
Site sourceforge.net

sudosh3 is an auditing shell and filter based on sudosh2. It aims to improve file management and terminal emulation. Passwords are not recorded.

tags | tool, shell
systems | unix
MD5 | 73c097d7eec6400a25f10bd121c8e07c
Posted Nov 19, 2008
Authored by Rick

86 byte Linux/x86 edit /etc/sudoers for full access.

tags | x86, shellcode
systems | linux
MD5 | 75ac9ea204450e8db590b8f578f55103
Posted Nov 16, 2008
Authored by Kingcope

sudo versions 1.6.9p18 and below local privilege escalation exploit.

tags | exploit, local
MD5 | 26ffab57d0b621d877b892fec2020d3f
Mandriva Linux Security Advisory 2005.234
Posted Dec 28, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Charles Morris discovered a vulnerability in sudo versions prior to 1.6.8p12 where, when the perl taint flag is off, sudo does not clear the PERLLIB, PERL5LIB, and PERL5OPT environment variables, which could allow limited local users to cause a perl script to include and execute arbitrary library files that have the same name as library files that included by the script.

tags | advisory, arbitrary, local, perl
systems | linux, mandriva
MD5 | 737c71e08b627c2bdf910d969d1327ad
Posted Nov 10, 2005
Authored by breno

Local root exploit for sudo versions below 1.6.8p10 that makes use of the environment cleaning flaws with the SHELLOPTS and PS4 variables.

tags | exploit, local, root
advisories | CVE-2005-2959
MD5 | 26689850763402295ae09b43b6f7fa81
Posted Jun 21, 2005
Site sudo.ws

A race condition exists in Sudo's command pathname handling prior to Sudo version 1.6.8p9 that could allow a user with Sudo privileges to run arbitrary commands.

tags | advisory, arbitrary
MD5 | 5939f94fefe664dba75391d01aae7038
Posted Sep 21, 2004
Authored by Angelo Rosiello | Site rosiello.org

Local exploit for sudo version 1.6.8p1 that makes use of a flaw in sudoedit.

tags | exploit, local
MD5 | fdc1b829ba7147a4d81881f9024a77e2
Posted Sep 21, 2004

sudo version 1.6.8p1 has been released to address a security flaw in sudoedit that could give a malicious user read access to file that would normally be unreadable.

tags | advisory
MD5 | bc14fbcb3df1464bd4114345306db2d3
Posted Jan 17, 2002
Authored by Charles Stevenson

Local root exploit for sudo + postfix. Exploits sudo prior to sudo- Tested on debian powerpc unstable.

tags | exploit, local, root
systems | linux, debian
MD5 | 055ebc951dada82997439ceafe436d5b
Posted Aug 17, 1999

Sudo v1.5.6p2-2, a program that provides limited superuser privileges, does not properly handle improper file access attempts, revealing information about file existence.

tags | exploit
MD5 | 6321b3933f068eeeff338008a65dea77
Page 1 of 1

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By