6.9

CVE-2013-1775

Exploit

EPSS 2.05%
Published 05.03.2013 21:38:56
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Affected products Warnungen 0 Metrics 2 CWE 0 References 20

Data is provided by the National Vulnerability Database (NVD)

Todd Miller ≫ Sudo Version1.6

Todd Miller ≫ Sudo Version1.6.1

Todd Miller ≫ Sudo Version1.6.2

Todd Miller ≫ Sudo Version1.6.2p3

Todd Miller ≫ Sudo Version1.6.3

Todd Miller ≫ Sudo Version1.6.3_p7

Todd Miller ≫ Sudo Version1.6.4

Todd Miller ≫ Sudo Version1.6.4p2

Todd Miller ≫ Sudo Version1.6.5

Todd Miller ≫ Sudo Version1.6.6

Todd Miller ≫ Sudo Version1.6.7

Todd Miller ≫ Sudo Version1.6.7p5

Todd Miller ≫ Sudo Version1.6.8

Todd Miller ≫ Sudo Version1.6.8p12

Todd Miller ≫ Sudo Version1.6.9

Todd Miller ≫ Sudo Version1.6.9p20

Todd Miller ≫ Sudo Version1.6.9p21

Todd Miller ≫ Sudo Version1.6.9p22

Todd Miller ≫ Sudo Version1.6.9p23

Todd Miller ≫ Sudo Version1.8.0

Todd Miller ≫ Sudo Version1.8.1

Todd Miller ≫ Sudo Version1.8.1p1

Todd Miller ≫ Sudo Version1.8.1p2

Todd Miller ≫ Sudo Version1.8.2

Todd Miller ≫ Sudo Version1.8.3

Todd Miller ≫ Sudo Version1.8.3p1

Todd Miller ≫ Sudo Version1.8.3p2

Todd Miller ≫ Sudo Version1.8.4

Todd Miller ≫ Sudo Version1.8.4p1

Todd Miller ≫ Sudo Version1.8.4p2

Todd Miller ≫ Sudo Version1.8.4p3

Todd Miller ≫ Sudo Version1.8.4p4

Todd Miller ≫ Sudo Version1.8.4p5

Todd Miller ≫ Sudo Version1.8.5

Todd Miller ≫ Sudo Version1.8.5p1

Todd Miller ≫ Sudo Version1.8.5p2

Todd Miller ≫ Sudo Version1.8.5p3

Todd Miller ≫ Sudo Version1.8.6

Todd Miller ≫ Sudo Version1.8.6p1

Todd Miller ≫ Sudo Version1.8.6p2

Todd Miller ≫ Sudo Version1.8.6p3

Todd Miller ≫ Sudo Version1.8.6p4

Todd Miller ≫ Sudo Version1.8.6p5

Todd Miller ≫ Sudo Version1.8.6p6

Apple ≫ macOS X Version <= 10.10.4

Todd Miller ≫ Sudo Version1.7.0

Todd Miller ≫ Sudo Version1.7.1

Todd Miller ≫ Sudo Version1.7.2

Todd Miller ≫ Sudo Version1.7.2p1

Todd Miller ≫ Sudo Version1.7.2p2

Todd Miller ≫ Sudo Version1.7.2p3

Todd Miller ≫ Sudo Version1.7.2p4

Todd Miller ≫ Sudo Version1.7.2p5

Todd Miller ≫ Sudo Version1.7.2p6

Todd Miller ≫ Sudo Version1.7.2p7

Todd Miller ≫ Sudo Version1.7.3b1

Todd Miller ≫ Sudo Version1.7.4

Todd Miller ≫ Sudo Version1.7.4p1

Todd Miller ≫ Sudo Version1.7.4p2

Todd Miller ≫ Sudo Version1.7.4p3

Todd Miller ≫ Sudo Version1.7.4p4

Todd Miller ≫ Sudo Version1.7.4p5

Todd Miller ≫ Sudo Version1.7.4p6

Todd Miller ≫ Sudo Version1.7.5

Todd Miller ≫ Sudo Version1.7.6

Todd Miller ≫ Sudo Version1.7.6p1

Todd Miller ≫ Sudo Version1.7.6p2

Todd Miller ≫ Sudo Version1.7.7

Todd Miller ≫ Sudo Version1.7.8

Todd Miller ≫ Sudo Version1.7.8p1

Todd Miller ≫ Sudo Version1.7.8p2

Todd Miller ≫ Sudo Version1.7.9

Todd Miller ≫ Sudo Version1.7.9p1

Todd Miller ≫ Sudo Version1.7.10

Todd Miller ≫ Sudo Version1.7.10p1

Todd Miller ≫ Sudo Version1.7.10p2

Todd Miller ≫ Sudo Version1.7.10p3

Todd Miller ≫ Sudo Version1.7.10p4

Todd Miller ≫ Sudo Version1.7.10p5

Todd Miller ≫ Sudo Version1.7.10p6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.05%	0.832

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

https://support.apple.com/kb/HT205031

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html

http://support.apple.com/kb/HT5880

http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html

http://osvdb.org/90677

http://rhn.redhat.com/errata/RHSA-2013-1353.html

http://rhn.redhat.com/errata/RHSA-2013-1701.html

http://www.debian.org/security/2013/dsa-2642

http://www.openwall.com/lists/oss-security/2013/02/27/22

http://www.securityfocus.com/bid/58203

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440

http://www.sudo.ws/repos/sudo/rev/ddf399e3e306

Patch

Exploit

http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f

Patch

Exploit

http://www.sudo.ws/sudo/alerts/epoch_ticket.html

Vendor Advisory

http://www.ubuntu.com/usn/USN-1754-1

https://nvd.nist.gov/vuln/detail/CVE-2013-1775

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-1775

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-1775

EUVD