Permissions, Privileges, and Access Controls in Sudo

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU32716

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2013-1775

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Sudo: 1.7.10p6 - 1.8.6p6

CPE2.3

• cpe:2.3:a:sudo:sudo:1.7.10p6:*:*:*:*:*:*:*

External links

http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
http://osvdb.org/90677
http://rhn.redhat.com/errata/RHSA-2013-1353.html
http://rhn.redhat.com/errata/RHSA-2013-1701.html
http://support.apple.com/kb/HT5880
http://www.debian.org/security/2013/dsa-2642
http://www.openwall.com/lists/oss-security/2013/02/27/22
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/58203
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
http://www.sudo.ws/repos/sudo/rev/ddf399e3e306
http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f
http://www.sudo.ws/sudo/alerts/epoch_ticket.html
http://www.ubuntu.com/usn/USN-1754-1
http://support.apple.com/kb/HT205031

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?