A heap-based buffer overflow vulnerability was found in the way sudo parses command line arguments. This flaw is exploitable by any authenticated, local user who can execute the sudo command. Successful exploitation of this flaw could lead to privilege escalation. (Vulnerability ID: HWPSIRT-2021-11969)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2021-3156.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210310-01-escalation-en>

CPENameOperatorVersion
agile controller-campuseqV100R003C50SPC302
agile controller-campuseqV100R003C60SPC200
agile controller-campuseqV100R003C60SPC201
agile controller-campuseqV100R003C60SPC202
agile controller-campuseqV100R003C60SPC203
agile controller-campuseqV100R003C60SPC205
agile controller-campuseqV100R003C60SPC206
agile controller-campuseqV100R003C60SPC207
agile controller-campuseqV100R003C60SPC208
agile controller-campuseqV100R003C60SPC209

Name	Operator	Version
agile controller-campus	eq	V100R003C50SPC302
agile controller-campus	eq	V100R003C60SPC200
agile controller-campus	eq	V100R003C60SPC201
agile controller-campus	eq	V100R003C60SPC202
agile controller-campus	eq	V100R003C60SPC203
agile controller-campus	eq	V100R003C60SPC205
agile controller-campus	eq	V100R003C60SPC206
agile controller-campus	eq	V100R003C60SPC207
agile controller-campus	eq	V100R003C60SPC208
agile controller-campus	eq	V100R003C60SPC209

Rows per page:

1-10 of 1221

attackerkb 1

rapid7blog 2

nessus 43

osv 4

debian 3

githubexploit 53

suse 1

fedora 2

zdt 4

openvas 21

redhat 10

cisa_kev 1

cve 1

cloudlinux 1

oraclelinux 4

almalinux 1

cisa 1

ics 6

f5 1

alpinelinux 1

virtuozzo 2

cisco 1

paloalto 1

metasploit 1

cert 1

centos 1

ibm 1

photon 2

redos 2

altlinux 2

packetstorm 4

avleonov 1

ubuntucve 1

ubuntu 1

checkpoint_security 1

veracode 1

qualysblog 2

threatpost 2

redhatcve 1

amazon 2

mageia 1

prion 1

cvelist 1

debiancve 1

freebsd 1

slackware 1

exploitdb 2

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

rapid7blog

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

Metasploit Wrap-Up

2021-02-05 19:30:43

nessus

Oracle Linux 7 : sudo (ELSA-2021-0221)

2021-01-27 00:00:00

RHEL 7 : sudo (RHSA-2021:0225)

2021-01-27 00:00:00

AlmaLinux 8 : sudo (ALSA-2021:0218)

2022-02-09 00:00:00

osv

sudo - security update

2021-01-26 00:00:00

sudo vulnerability

2021-01-27 15:01:20

CVE-2021-3156

2021-01-26 21:15:12

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:52

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:34

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-08-07 08:38:50

Exploit for Off-by-one Error in Sudo Project Sudo

2021-04-04 01:15:05

Exploit for Off-by-one Error in Sudo Project Sudo

2021-02-23 03:14:36

suse

Security update for sudo (important)

2021-04-23 00:00:00

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

zdt

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

openvas

Fedora: Security Advisory for sudo (FEDORA-2021-2cb63d912a)

2021-01-27 00:00:00

Mageia: Security Advisory (MGASA-2021-0056)

2022-01-28 00:00:00

Fedora: Security Advisory for sudo (FEDORA-2021-8840cbdccd)

2021-01-29 00:00:00

redhat

(RHSA-2021:0221) Important: sudo security update

2021-01-26 18:54:37

(RHSA-2021:0223) Important: sudo security update

2021-01-26 19:00:30

(RHSA-2021:0218) Important: sudo security update

2021-01-26 18:53:36

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

cve

CVE-2021-3156

2021-01-26 21:15:00

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

almalinux

Important: sudo security update

2021-01-26 18:53:36

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

ics

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Sensormatic Electronics VideoEdge

2021-05-27 12:00:00

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

alpinelinux

CVE-2021-3156

2021-01-26 21:15:00

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

paloalto

Informational: Impact of Sudo Vulnerability CVE-2021-3156

2021-02-10 17:00:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

centos

sudo security update

2021-01-27 00:11:23

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

packetstorm

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

threatpost

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

amazon

Important: sudo

2021-01-25 23:09:00

Important: sudo

2021-01-26 00:11:00

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

prion

Heap overflow

2021-01-26 21:15:00

cvelist

CVE-2021-3156

2021-01-26 00:00:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.97 High

EPSS

Percentile

99.7%

JSON

Related for HUAWEI-SA-20210310-01-ESCALATION