CVE-2023-22809-sudoedit-privesc

3 Commits 1 Branch 0 Tags

Author	SHA1	Message	Date
r3nt0n	e6fca2453f	Fixing bugs and improving checks + Improved tests on sudoers config file: the original script have some pitfalls that wouldnt allow to run the script even if the config is vulnerable, for example when sudoedit is configured with (ALL) or (ALL : ALL) instead of (root), which are still vulnerable configurations. In the last case, it will also break the original script because of the way the last grep was implemented, its also fixed on this version. + Added test to check if sudo version is vulnerable. + Fixed bug *"EDITOR: command not found" when trying to open the editor and typo in `etc/sudoers` filename.	2023-02-02 14:38:51 +01:00
Martin Romera Sobrado	0e1fda22d3	Exploit headers Added headers to exploit	2023-01-21 16:26:37 +01:00
Martin Romera Sobrado	c4d113b155	Initial Commit Initial Commit	2023-01-21 16:22:20 +01:00

Author

SHA1

Message

Date

r3nt0n

e6fca2453f

Fixing bugs and improving checks

+ Improved tests on sudoers config file: **the original script have some pitfalls that wouldnt allow to run the script even if the config is vulnerable**, for example when sudoedit is configured with (ALL) or (ALL : ALL) instead of (root), which are still vulnerable configurations. In the last case, it will also break the original script because of the way the last grep was implemented, its also fixed on this version.
+ Added **test to check** if sudo **version** is vulnerable.
+ **Fixed bug** *"EDITOR: command not found" when trying to open the editor and typo in `etc/sudoers` filename.

2023-02-02 14:38:51 +01:00

Martin Romera Sobrado

0e1fda22d3

Exploit headers

Added headers to exploit

2023-01-21 16:26:37 +01:00

Martin Romera Sobrado

c4d113b155

Initial Commit

Initial Commit

2023-01-21 16:22:20 +01:00