Skip to content

Pwnies

recognize both excellence and incompetence in the field of information security

  • news
  • About
  • noms
  • winners
  • previous
  • team

The 2021 Pwnie Winner For Best Privilege Escalation Bug

Heap-based buffer overflow in Sudo!

Researcher Name: Baron Samedit – Qualys

Link: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

CVE: CVE-2021-3156

A 10-year-old bug on a very popular security boundary. This bug is unique as it couldn’t be fuzzed out and required knowledge of how the system interacts with sudo, making it a very clever find.

calendar

Apr 27
Nominations open
Jul 14
Nominees announced, Summercon 2023, Brooklyn, NY
Aug 9
6:30pm PDT At BlackHat USA, Mandalay Bay, Oceanside D, Level 2, Las Vegas, NV

awards ceremony

Date
August 9
Time
6:30pm PDT
Where
Black Hat USA 2023, Mandalay Bay Oceanside D, Level 2

follow us

  • twitter
  • atom feed

Archives

  • Nominations and Winners Archive
Copyright © 2007-2023 Pwnie Awards LLC. Designed by ikonoklasm.