# CVE-2021-3156 Baron Samedit
* [Animesh Jain's blog post on Qualys](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)
* [blasty's PoC](https://github.com/blasty/CVE-2021-3156.git)
* Heap-based buffer overflow
* Affected versions: 1.8.2-1.8.31p2, 1.9.0-1.9.5p1
* Check for the vulnerability with:
```sh
# A vulnerable sudo crashes here (heap corruption or segfault); a patched one prints a usage message.
sudoedit -s '\' $(python -c "print('\x41' * 10000)")
```
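
A non-crashing complement to the check above, added here as an example and not part of the original notes: it compares a sudo version string with the affected ranges listed in these notes. The function names and the `--check` switch are hypothetical, and a version inside the range is not conclusive on distributions that backport fixes.

```sh
#!/bin/sh
# Added example: compare a sudo version with the affected ranges listed above.
# Function names are hypothetical; range bounds are taken from the notes.

# Turn "1.8.31p2" into one integer (major, minor, micro, patch level) so that
# versions compare numerically. Returns 2 for strings it cannot parse.
sudo_ver_key() {
    v=$1
    case $v in
        ''|*[!0-9.p]*) return 2 ;;
    esac
    patch=0
    case $v in
        *p*) patch=${v##*p}; v=${v%%p*} ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $v            # split on dots into $1 $2 $3
    IFS=$old_ifs
    echo $(( ((${1:-0} * 1000 + ${2:-0}) * 1000 + ${3:-0}) * 1000 + ${patch:-0} ))
}

# Exit status: 0 = inside an affected range, 1 = outside, 2 = unparseable.
sudo_in_affected_range() {
    k=$(sudo_ver_key "$1") || return 2
    # 1.8.2 .. 1.8.31p2
    if [ "$k" -ge 1008002000 ] && [ "$k" -le 1008031002 ]; then return 0; fi
    # 1.9.0 .. 1.9.5p1
    if [ "$k" -ge 1009000000 ] && [ "$k" -le 1009005001 ]; then return 0; fi
    return 1
}

# Report on the locally installed sudo, using the first line of `sudo -V`.
check_installed_sudo() {
    ver=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
    rc=0
    sudo_in_affected_range "$ver" || rc=$?
    case $rc in
        0) echo "sudo $ver: in affected range (check for a backported fix)" ;;
        1) echo "sudo $ver: outside the affected ranges" ;;
        *) echo "could not determine sudo version" ;;
    esac
    return "$rc"
}

# Run the local check only when asked: sh sudo_check.sh --check
if [ "${1:-}" = "--check" ]; then check_installed_sudo; fi
```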