User authentication is not required to exploit the bug. The bug can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. It has been given the name Baron Samedit by its discoverer. But sudo permission on some Linux distribution is 4711 (-rws-x-x) which is impossible to check on target system.A serious heap-based buffer overflow has been discovered in sudo before version 1.9.5p2 that is exploitable by any local user. This is an exploit for the CVE-2021-3156 sudo vulnerability (dubbed Baron Samedit by Qualys). The exploit attempt to check root mailer flag from sudo binary. If you know a target sudo is compiled with -disable-root-mailer, you can skip this exploit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |