cve_2021_3156_sudo_buffer_overflow

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Filename: cve_2021_3156_sudo_buffer_overflow.py
# Version: 1.0.0
# Author: Jeoi Reqi
# Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2021-3156

"""
Description:
This script identifies systems vulnerable to CVE-2021-3156, the Sudo Buffer Overflow Vulnerability.
The vulnerability arises in Sudo versions prior to 1.9.5p2 due to an off-by-one error, potentially leading to privilege escalation.

Requirements:
- Python 3.x

Usage:
Execute the script using `python cve_2021_3156_sudo_buffer_overflow.py`.

Functions:
- check_for_vulnerability(): Determines if the system is vulnerable.
"""

def check_for_vulnerability():
    """
    Determines if the system is vulnerable to CVE-2021-3156.
    """
    print("Checking for CVE-2021-3156 Sudo Buffer Overflow Vulnerability...\n")

    try:
        import subprocess
        import re

        output = subprocess.check_output(["sudo", "--version"])
        version = re.search(r"Sudo version (\d+\.\d+\.\d+)", output.decode())

        if version:
            sudo_version = version.group(1)

            if sudo_version < "1.9.5p2":
                print(f"Your system's Sudo version ({sudo_version}) is vulnerable.")
                print("Immediate action is recommended to mitigate the risk.")
            else:
                print(f"Your system's Sudo version ({sudo_version}) is not vulnerable to CVE-2021-3156.")
                print("No further action is required at this time.")
        else:
            print("Failed to retrieve Sudo version. Please ensure Sudo is installed on your system.")

    except Exception as e:
        print("An error occurred:", e)
        print("Failed to check for vulnerability. Please ensure Sudo is installed and accessible on your system.")

if __name__ == "__main__":
    check_for_vulnerability()