cve_2021_3156_sudo_buffer_overflow

1. #!/bin/bash
2.  
3. # Filename: cve_2021_3156_sudo_buffer_overflow.sh
4. # Version: 1.0.0
5. # Author: Jeoi Reqi
6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2021-3156
7. #
8. # Description:
9. # This script identifies systems vulnerable to CVE-2021-3156, the Sudo Buffer Overflow Vulnerability.
10. # The vulnerability arises in Sudo versions prior to 1.9.5p2 due to an off-by-one error, potentially leading to privilege escalation.
11. #
12. # Usage:
13. # Execute the script using `./cve_2021_3156_sudo_buffer_overflow.sh`.
14. #
15. # Functions:
16. # - check_for_vulnerability(): Determines if the system is vulnerable.
17.  
18. check_for_vulnerability() {
19.     echo "Checking for CVE-2021-3156 Sudo Buffer Overflow Vulnerability..."
20.    
21.     # Check if Sudo is installed and if the vulnerable version is present
22.     if command -v sudo >/dev/null 2>&1; then
23.         sudo_version=$(sudo -V | grep "Sudo version" | awk '{print $3}')
24.         vulnerable_version="1.9.5p2"
25.        
26.         if [[ "$sudo_version" == "$vulnerable_version" ]]; then
27.             echo "Your Sudo version ($sudo_version) is vulnerable to CVE-2021-3156."
28.             echo "Immediate action is recommended to mitigate the risk."
29.         else
30.             echo "Your Sudo version ($sudo_version) is not vulnerable to CVE-2021-3156."
31.             echo "No further action is required at this time."
32.         fi
33.     else
34.         echo "Sudo is not installed on your system."
35.         echo "Please install Sudo to check for this vulnerability."
36.     fi
37. }
38.  
39. check_for_vulnerability