Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2023-22809

Description

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.

POC

Reference

- http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html

- http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html

- http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html

- http://seclists.org/fulldisclosure/2023/Aug/21

- http://www.openwall.com/lists/oss-security/2023/01/19/1

Github

- https://github.com/0day404/vulnerability-poc

- https://github.com/0xor0ne/awesome-list

- https://github.com/0xsyr0/OSCP

- https://github.com/3yujw7njai/CVE-2023-22809-sudo-POC

- https://github.com/AMatheusFeitosaM/OSCP-Cheat

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AiK1d/CVE-2023-22809-sudo-POC

- https://github.com/AntiVlad/CVE-2023-22809

- https://github.com/ArtemCyberLab/Project-Vulnerability-Research-and-Privilege-Escalation

- https://github.com/CKevens/CVE-2023-22809-sudo-POC

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/Chan9Yan9/CVE-2023-22809

- https://github.com/D0rDa4aN919/CVE-2023-22809-Exploiter

- https://github.com/D0rDa4aN919/D0rDa4aN919

- https://github.com/EnriqueSanchezdelVillar/NotesHck

- https://github.com/Faizan-Khanx/OSCP

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2

- https://github.com/KayCHENvip/vulnerability-poc

- https://github.com/M4fiaB0y/CVE-2023-22809

- https://github.com/P4x1s/CVE-2023-22809-sudo-POC

- https://github.com/ReflectedThanatos/OSCP-cheatsheet

- https://github.com/SantoriuHen/NotesHck

- https://github.com/SenukDias/OSCP_cheat

- https://github.com/SirElmard/ethical_hacking

- https://github.com/Spydomain/CVE-2023-22809-automated-python-exploits

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/CVE

- https://github.com/Toothless5143/CVE-2023-22809

- https://github.com/VishuGahlyan/OSCP

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/Zeyad-Azima/Remedy4me

- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android

- https://github.com/alarmant0/Vulnerability-Assessment-ISCTE

- https://github.com/asepsaepdin/CVE-2021-1732

- https://github.com/asepsaepdin/CVE-2023-22809

- https://github.com/bachkhoasoft/awesome-list-ks

- https://github.com/beruangsalju/LocalPrivelegeEscalation

- https://github.com/beruangsalju/LocalPrivilegeEscalation

- https://github.com/d4n-sec/d4n-sec.github.io

- https://github.com/exfilt/CheatSheet

- https://github.com/fazilbaig1/oscp

- https://github.com/hello4r1end/patch_CVE-2023-22809

- https://github.com/hktalent/TOP

- https://github.com/jitmondal1/OSCP

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kgwanjala/oscp-cheatsheet

- https://github.com/laxmiyamkolu/SUDO-privilege-escalation

- https://github.com/lineeralgebra/My-Favorite-Boxes

- https://github.com/manas3c/CVE-POC

- https://github.com/mikuyaQAQ/23NBugRange

- https://github.com/myh0301/KNOWHOW

- https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc

- https://github.com/n3m1dotsys/n3m1dotsys

- https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc

- https://github.com/n3m1sys/n3m1sys

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/oscpname/OSCP_cheat

- https://github.com/parth45/cheatsheet

- https://github.com/pashayogi/CVE-2023-22809

- https://github.com/revanmalang/OSCP

- https://github.com/sandinak/sudosh

- https://github.com/spidoman/CVE-2023-22809-automated-python-exploits

- https://github.com/stefan11111/rdoedit

- https://github.com/txuswashere/OSCP

- https://github.com/whoforget/CVE-POC

- https://github.com/x00tex/hackTheBox

- https://github.com/xhref/OSCP

- https://github.com/youwizard/CVE-POC

- https://github.com/zhanpengliu-tencent/medium-cve

- https://github.com/zulloper/cve-poc