Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0279Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

6 documents6 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 55.82%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Debian LinuxMandrakesoft Mandrake LinuxMandrakesoft Mandrake Linux Corporate Server
Timeline
PublishedMay 3
Latest updateApr 30

Description

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

Also affects: Debian Linux 2.2

Patches

Patch: archives.neohapsis.comPatch: www.debian.orgPatch: www.linux-mandrake.com

🔴Vulnerability Details

2
GHSA
GHSA-8rjr-96wc-j9h5: Buffer overflow in sudo earlier than 12022-04-30
CVEList
CVE-2001-0279: Buffer overflow in sudo earlier than 12001-05-07

💥Exploits & PoCs

1
Exploit-DB
Sudo 1.5/1.6 - Heap Corruption2001-02-22

📋Vendor Advisories

1
Red Hat
security flaw2001-02-22

💬Community

1
Bugzilla
CVE-2001-0279 security flaw2018-08-16
CVE-2001-0279 — Debian Linux vulnerability | cvebase