module
Sudo Heap-Based Buffer Overflow
| Disclosed |
|---|
| Jan 26, 2021 |
Disclosed
Jan 26, 2021
Description
A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker
to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2
through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this
implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker
controlled library which results in it being loaded with the elevated privileges held by sudo.
to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2
through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations. The technique used by this
implementation leverages the overflow to overwrite a service_user struct in memory to reference an attacker
controlled library which results in it being loaded with the elevated privileges held by sudo.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.