by vicarius
log in join community
by @acidburn
09 Sep 2024
#cve_analysis

Write a blog analysis for a CVE

publish

sudoedit pwned (CVE-2021-3156)

by @acidburn
by @acidburn
09 Sep 2024
#cve_analysis

Write a blog analysis for a CVE

publish

sudoedit pwned (CVE-2021-3156)

CVEs

CVE-2021-3156
7.8 High Severity

OS

SF
Skynas FirmwareSynology
6.2.3-25426.*
*.*
-.*
VF
Vs960hd FirmwareSynology
2.3.6-1720.*
2.2.3-1505.*
*.*
-.*
MW6
Micros Workstation 6 FirmwareOracle
655.*
*.*
610.*
MW5
Micros Workstation 5A FirmwareOracle
5A.*
MKD
Micros Kitchen Display System FirmwareOracle
210.*
MEF
Micros ES400 FirmwareOracle
*.*
410.*
400.*
MCW
Micros Compact Workstation 3 FirmwareOracle
310.*
Fedora
FedoraFedoraproject
*.*
3334.*
37.*
30.*
40.*
38.*
28.*
31.*
34.*
36.*
Debian Linux
Debian LinuxDebian
22.04.*
2.5.3-3.*
2.5.3-16.*
2.5.2-1.*
*.*
2.1.8.8.p3-1.1.*
10.10.*
3.0.23.*
12.4.*
3.0.18.*

Apps

PMF
Privilege Management for MacBeyondtrust
5.4.123.*
*.*
21.1.1.*
5.7.-
5.7.SR1
5.7.SR2
5.6.*
4.2.-
4.2.SR2
4.5.*
PMF
Privilege Management for Unix/linuxBeyondtrust
10.3.2-10.*
*.*
-.*
Sudo
SudoSudo Project
*.P2
*.*
1.8.32.*
1.8.29.RC1
1.8.29.-
1.8.29.*
1.8.31.*
1.8.30.*
1.8.22.*
1.8.27.*
DM
Diskstation ManagerSynology
7.2.1-69057-2.*
7.1.1-42962-2.*
6.2.4-25556-2.*
6.2.4-25556-4.*
6.2.4-25553.*
7.0.1-42218-2.*
6.2.4-25556-3.*
6.2.3-25426-3.*
6.2.3-25426-2.*
6.2.3 25426.*
DMU
Diskstation Manager Unified ControllerSynology
3.1.*
3.0.*
OSD
Ontap Select Deploy Administration UtilityNetapp
2.12.2.*
2.11.3.*
2.1.*
2.0.*
2.2.1.*
-.*
CB
Cloud BackupNetapp
*.*
-.*
OUM
Oncommand Unified Manager Core PackageNetapp
5.2.2.*
5.2.5.*
5.2.1.*
5.1.*
5.0.1.*
5.2.4.*
5.2.*
5.0.*
5.0.2.*
-.*
OT
Ontap ToolsNetapp
*.*
9.*
-.*
S
SolidfireNetapp
-.*
HMN
HCI Management NodeNetapp
-.*
TPD
Tekelec Platform DistributionOracle
*.*
7.7.1.*
7.4.0.*
CPI
Communications Performance Intelligence CenterOracle
10.4.0.3.1.*
10.4.0.1.0.*
10.3.0.2.1.*
10.4.0.2.*
10.4.0.3.*
*.*
10.3.0.0.0.*
10.2.1.*
Web Gateway
Web GatewayMcafee
7.8.2.23.*
7.8.2.22.*
7.8.2.21.*
7.8.2.20.*
7.8.2.19.*
7.8.2.18.*
7.8.2.17.*
7.8.2.16.*
7.8.2.15.*
7.7.2.13.*

Screenshots from the blog posts

images/cm0nhkb561q8i1hn573mtgfcf.jpgimages/cm0nhkb561q8i1hn573mtgfcf.jpg

Summary

In depth analysis of CVE-2021-3156 and how the exploit development proces would take place.

Description

Tags

#binary#CVE-2021-3156#sudo#cve-analysis
users/photos/clyborebbw3981gmw1isn3n4p.jpg

@acidburn

1 post

Systems are meant to be tested; boundaries are meant to be pushed

Total vcoins

1K

Comments (0)