Permissions, Privileges, and Access Controls in Sudo



Published: 2013-03-05 | Updated: 2020-07-28
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2013-1775
CWE-ID CWE-264
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Sudo
Client/Desktop applications / Software for system administration

Vendor Sudo

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU32716

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2013-1775

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Sudo: 1.7.10p6 - 1.8.6p6


CPE2.3 External links

http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
http://osvdb.org/90677
http://rhn.redhat.com/errata/RHSA-2013-1353.html
http://rhn.redhat.com/errata/RHSA-2013-1701.html
http://support.apple.com/kb/HT5880
http://www.debian.org/security/2013/dsa-2642
http://www.openwall.com/lists/oss-security/2013/02/27/22
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/58203
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
http://www.sudo.ws/repos/sudo/rev/ddf399e3e306
http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f
http://www.sudo.ws/sudo/alerts/epoch_ticket.html
http://www.ubuntu.com/usn/USN-1754-1
http://support.apple.com/kb/HT205031

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###