Project Update

linux-exploit-suggester.sh

@@ -256,21 +256,39 @@ EOF
 )
 
 EXPLOITS[((n++))]=$(cat <<EOF
-Name: ${txtgrn}[CVE-2009-2698]${txtrst} udp_sendmsg (by spender)
+Name: ${txtgrn}[CVE-2009-2698]${txtrst} the rebel (udp_sendmsg)
 Reqs: pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19
-Tags:
+Tags: debian=4
 Rank: 1
 src-url: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/9574.tgz
 exploit-db: 9574
+analysis-url: https://blog.cr0.org/2009/08/cve-2009-2698-udpsendmsg-vulnerability.html
+author: spender
+Comments: /proc/sys/vm/mmap_min_addr needs to equal 0 OR pulseaudio needs to be installed
 EOF
 )
 
 EXPLOITS[((n++))]=$(cat <<EOF
-Name: ${txtgrn}[CVE-2009-2698]${txtrst} udp_sendmsg
-Reqs: pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19
+Name: ${txtgrn}[CVE-2009-2698]${txtrst} hoagie_udp_sendmsg
+Reqs: pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86
 Tags: debian=4
 Rank: 1
 exploit-db: 9575
+analysis-url: https://blog.cr0.org/2009/08/cve-2009-2698-udpsendmsg-vulnerability.html
+author: andi
+Comments: Works for systems with /proc/sys/vm/mmap_min_addr equal to 0
+EOF
+)
+
+EXPLOITS[((n++))]=$(cat <<EOF
+Name: ${txtgrn}[CVE-2009-2698]${txtrst} katon (udp_sendmsg)
+Reqs: pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86
+Tags: debian=4
+Rank: 1
+src-url: https://github.com/Kabot/Unix-Privilege-Escalation-Exploits-Pack/raw/master/2009/CVE-2009-2698/katon.c
+analysis-url: https://blog.cr0.org/2009/08/cve-2009-2698-udpsendmsg-vulnerability.html
+author: VxHell Labs
+Comments: Works for systems with /proc/sys/vm/mmap_min_addr equal to 0
 EOF
 )
 
@@ -279,7 +297,10 @@ Name: ${txtgrn}[CVE-2009-2698]${txtrst} ip_append_data
 Reqs: pkg=linux-kernel,ver>=2.6.1,ver<=2.6.19,x86
 Tags: fedora=4|5|6,RHEL=4
 Rank: 1
+analysis-url: https://blog.cr0.org/2009/08/cve-2009-2698-udpsendmsg-vulnerability.html
 exploit-db: 9542
+author: p0c73n1
+Comments: Works for systems with /proc/sys/vm/mmap_min_addr equal to 0
 EOF
 )
 
@@ -871,6 +892,18 @@ author: Vitaly 'vnik' Nikolenko
 EOF
 )
 
+EXPLOITS[((n++))]=$(cat <<EOF
+Name: ${txtgrn}[CVE-2021-27365]${txtrst} linux-iscsi
+Reqs: pkg=linux-kernel,ver<=5.11.3,CONFIG_SLAB_FREELIST_HARDENED!=y
+Tags: RHEL=8
+Rank: 1
+analysis-url: https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html
+src-url: https://codeload.github.com/grimm-co/NotQuite0DayFriday/zip/trunk
+Comments: CONFIG_SLAB_FREELIST_HARDENED must not be enabled
+author: GRIMM
+EOF
+)
+
 ############ USERSPACE EXPLOITS ###########################
 n=0
 
@@ -1399,6 +1432,38 @@ Comments: Requires an administrator to login via the web interface.
 EOF
 )
 
+EXPLOITS_USERSPACE[((n++))]=$(cat <<EOF
+Name: ${txtgrn}[CVE-2021-3156]${txtrst} sudo Baron Samedit
+Reqs: pkg=sudo,ver<1.9.5p2
+Tags: mint=19,ubuntu=18|20, debian=10
+Rank: 1
+analysis-url: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
+src-url: https://codeload.github.com/blasty/CVE-2021-3156/zip/main
+author: blasty
+EOF
+)
+
+EXPLOITS_USERSPACE[((n++))]=$(cat <<EOF
+Name: ${txtgrn}[CVE-2021-3156]${txtrst} sudo Baron Samedit 2
+Reqs: pkg=sudo,ver<1.9.5p2
+Tags: centos=6|7|8,ubuntu=14|16|17|18|19|20, debian=9|10
+Rank: 1
+analysis-url: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
+src-url: https://codeload.github.com/worawit/CVE-2021-3156/zip/main
+author: worawit
+EOF
+)
+
+EXPLOITS_USERSPACE[((n++))]=$(cat <<EOF
+Name: ${txtgrn}[CVE-2017-5618]${txtrst} setuid screen v4.5.0 LPE
+Reqs: pkg=screen,ver==4.5.0
+Tags: 
+Rank: 1
+analysis-url: https://seclists.org/oss-sec/2017/q1/184
+exploit-db: https://www.exploit-db.com/exploits/41154
+EOF
+)
+
 ###########################################################
 ## security related HW/kernel features
 ###########################################################