CVE Vulnerabilities

CVE-2013-1775

Published: Mar 05, 2013 | Modified: Nov 28, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Affected Software

Name Vendor Start Version End Version
Sudo Todd_miller 1.6 (including) 1.6 (including)
Sudo Todd_miller 1.6.1 (including) 1.6.1 (including)
Sudo Todd_miller 1.6.2 (including) 1.6.2 (including)
Sudo Todd_miller 1.6.2p3 (including) 1.6.2p3 (including)
Sudo Todd_miller 1.6.3 (including) 1.6.3 (including)
Sudo Todd_miller 1.6.3_p7 (including) 1.6.3_p7 (including)
Sudo Todd_miller 1.6.4 (including) 1.6.4 (including)
Sudo Todd_miller 1.6.4p2 (including) 1.6.4p2 (including)
Sudo Todd_miller 1.6.5 (including) 1.6.5 (including)
Sudo Todd_miller 1.6.6 (including) 1.6.6 (including)
Sudo Todd_miller 1.6.7 (including) 1.6.7 (including)
Sudo Todd_miller 1.6.7p5 (including) 1.6.7p5 (including)
Sudo Todd_miller 1.6.8 (including) 1.6.8 (including)
Sudo Todd_miller 1.6.8p12 (including) 1.6.8p12 (including)
Sudo Todd_miller 1.6.9 (including) 1.6.9 (including)
Sudo Todd_miller 1.6.9p20 (including) 1.6.9p20 (including)
Sudo Todd_miller 1.6.9p21 (including) 1.6.9p21 (including)
Sudo Todd_miller 1.6.9p22 (including) 1.6.9p22 (including)
Sudo Todd_miller 1.6.9p23 (including) 1.6.9p23 (including)
Red Hat Enterprise Linux 5 RedHat sudo-0:1.7.2p1-28.el5 *
Red Hat Enterprise Linux 6 RedHat sudo-0:1.8.6p3-12.el6 *
Sudo Ubuntu devel *
Sudo Ubuntu hardy *
Sudo Ubuntu lucid *
Sudo Ubuntu oneiric *
Sudo Ubuntu precise *
Sudo Ubuntu quantal *
Sudo Ubuntu upstream *

References