Advertisement
Python253

cve_2021_3156_sudo_buffer_overflow

Apr 10th, 2024
1,068
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.50 KB | None | 0 0
  1. #!/bin/bash
  2.  
  3. # Filename: cve_2021_3156_sudo_buffer_overflow.sh
  4. # Version: 1.0.0
  5. # Author: Jeoi Reqi
  6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2021-3156
  7. #
  8. # Description:
  9. # This script identifies systems vulnerable to CVE-2021-3156, the Sudo Buffer Overflow Vulnerability.
  10. # The vulnerability arises in Sudo versions prior to 1.9.5p2 due to an off-by-one error, potentially leading to privilege escalation.
  11. #
  12. # Usage:
  13. # Execute the script using `./cve_2021_3156_sudo_buffer_overflow.sh`.
  14. #
  15. # Functions:
  16. # - check_for_vulnerability(): Determines if the system is vulnerable.
  17.  
  18. check_for_vulnerability() {
  19.     echo "Checking for CVE-2021-3156 Sudo Buffer Overflow Vulnerability..."
  20.    
  21.     # Check if Sudo is installed and if the vulnerable version is present
  22.     if command -v sudo >/dev/null 2>&1; then
  23.         sudo_version=$(sudo -V | grep "Sudo version" | awk '{print $3}')
  24.         vulnerable_version="1.9.5p2"
  25.        
  26.         if [[ "$sudo_version" == "$vulnerable_version" ]]; then
  27.             echo "Your Sudo version ($sudo_version) is vulnerable to CVE-2021-3156."
  28.             echo "Immediate action is recommended to mitigate the risk."
  29.         else
  30.             echo "Your Sudo version ($sudo_version) is not vulnerable to CVE-2021-3156."
  31.             echo "No further action is required at this time."
  32.         fi
  33.     else
  34.         echo "Sudo is not installed on your system."
  35.         echo "Please install Sudo to check for this vulnerability."
  36.     fi
  37. }
  38.  
  39. check_for_vulnerability
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement