Lucene search
GoogleOSV:DSA-2642-1HistoryMar 09, 2013 - 12:00 a.m.
sudo - several issues
2013-03-0900:00:00
Google
osv.dev
10
0.0004 Low
EPSS
Percentile
13.1%
Several vulnerabilities have been discovered in sudo, a program designed
to allow a sysadmin to give limited root privileges to users. The Common
Vulnerabilities and Exposures project identifies the following problems:
- CVE-2013-1775
Marco Schoepl discovered an authentication bypass when the clock is
set to the UNIX epoch [00:00:00 UTC on 1 January 1970]. - CVE-2013-1776
Ryan Castellucci and James Ogden discovered aspects of an issue that
would allow session id hijacking from another authorized tty.
For the stable distribution (squeeze), these problems have been fixed in
version 1.7.4p4-2.squeeze.4.
For the testing (wheezy) and unstable (sid) distributions, these problems
have been fixed in version 1.8.5p2-1+nmu1.
We recommend that you upgrade your sudo packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sudo | eq | 1.7.4p4-2.squeeze.1 | |
| sudo | eq | 1.7.4p4-2.squeeze.2 | |
| sudo | eq | 1.7.4p4-2.squeeze.3 |
References
Related
securityvulns
securityvulns
sudo protection bypass
2013-03-10 00:00:00
[USN-1754-1] Sudo vulnerability
2013-03-02 00:00:00
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
slackware
slackware
sudo
2013-03-06 20:52:08
nessus
nessus
openSUSE Security Update : sudo (openSUSE-SU-2013:0495-1)
2014-06-13 00:00:00
Fedora 17 : sudo-1.8.6p7-1.fc17 (2013-3270)
2013-03-20 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: sudo-1.8.6p7-1.fc18
2013-03-16 01:22:34
[SECURITY] Fedora 17 Update: sudo-1.8.6p7-1.fc17
2013-03-19 20:04:50
openvas
openvas
Fedora Update for sudo FEDORA-2013-3297
2013-03-19 00:00:00
Fedora Update for sudo FEDORA-2013-3297
2013-03-19 00:00:00
Slackware: Security Advisory (SSA:2013-065-01)
2022-04-21 00:00:00
debian
debian
[SECURITY] [DSA 2642-1] sudo security update
2013-03-09 08:35:30
redhat
redhat
(RHSA-2013:1353) Low: sudo security and bug fix update
2013-09-30 16:52:28
(RHSA-2013:1701) Low: sudo security, bug fix and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
centos
centos
sudo security update
2013-10-07 13:01:59
sudo security update
2013-11-26 13:33:00
gentoo
gentoo
sudo: Privilege escalation
2014-01-21 00:00:00
oraclelinux
oraclelinux
sudo security and bug fix update
2013-10-02 00:00:00
sudo security, bug fix and enhancement update
2013-11-25 00:00:00
canvas
canvas
Immunity Canvas: SUDO_TIMESTAMP
2013-03-05 21:38:00
cvelist
cvelist
thn
thn
threatpost
threatpost
Metasploit Module Adds Sudo Vulnerability for OS X
2013-08-29 13:28:56
Time Stamp Bug in Sudo Could Have Allowed Code Entry
2013-03-05 18:17:50
ubuntucve
ubuntucve
nvd
nvd
packetstorm
packetstorm
Mac OS X 10.8.4 Local Privilege Escalation
2013-08-30 00:00:00
Mac OS X Sudo Password Bypass
2013-08-26 00:00:00
ubuntu
ubuntu
Sudo vulnerability
2013-02-28 00:00:00
freebsd
freebsd
sudo -- Authentication bypass when clock is reset
2013-02-27 00:00:00
sudo -- Potential bypass of tty_tickets constraints
2013-02-27 00:00:00
seebug
seebug
Mac OS X Sudo Password Bypass
2014-07-01 00:00:00
veracode
veracode
Authentication Bypass
2019-01-15 08:51:56
Privilege Escalation
2019-01-15 08:52:05
Authentication Bypass
2019-05-02 04:59:14
metasploit
metasploit
Mac OS X Sudo Password Bypass
2013-08-26 19:52:51
zdt
zdt
Mac OS X Sudo Password Bypass Vulnerability
2013-08-27 00:00:00
debiancve
debiancve
prion
prion
Input validation
2013-04-08 17:55:00
Code injection
2013-03-05 21:38:00
Input validation
2013-04-08 17:55:00
cve
cve
exploitdb
exploitdb
Apple Mac OSX - Sudo Password Bypass (Metasploit)
2013-08-29 00:00:00
amazon
amazon
Low: sudo
2013-12-11 20:34:00