Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-0279. PoCs published by MaXX.
AI-analyzed exploit summary: This exploit targets a heap-based buffer overflow in sudo's logging component (CVE-2001-0279) to achieve local privilege escalation. It manipulates heap memory structures to overwrite critical pointers and execute shellcode, granting root access.
Description
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by MaXX · clocallinux
https://www.exploit-db.com/exploits/20901
Classification
Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Racy
Target: sudo 1.6.1-1 (Red Hat Linux 6.2)
Auth required
Prerequisites: Local user access · sudo binary present · Vulnerable sudo version
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
References (8)
Core References
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://www.redhat.com/support/errata/RHSA-2001-018.html
Patch (mailing-list, x_refsource_bugtraq): http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html
Patch, Vendor Advisory (vendor-advisory, x_refsource_mandrake): http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3
Third Party Advisory (mailing-list, x_refsource_bugtraq): http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html
Patch, Vendor Advisory (vendor-advisory, x_refsource_debian): http://www.debian.org/security/2001/dsa-031
Third Party Advisory (mailing-list, x_refsource_bugtraq): http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html
Vendor Advisory (vendor-advisory, x_refsource_conectiva): http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://www.redhat.com/support/errata/RHSA-2001-019.html
Scores
EPSS: 0.0086
EPSS Percentile: 53.9%
Details
Status: published
Products (4)
debian/debian_linux 2.2
mandrakesoft/mandrake_linux 7.1
mandrakesoft/mandrake_linux 7.2
mandrakesoft/mandrake_linux_corporate_server 1.0.1
Published: May 03, 2001
Tracked Since: Feb 18, 2026