Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2013-1775

Published: 05/03/2013 Updated: 28/11/2016
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 700
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Todd Miller

Vulnerability Summary

sudo 1.6.0 up to and including 1.7.10p6 and sudo 1.8.0 up to and including 1.8.6p6 allows local users or physically proximate malicious users to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Vulnerable Product Search on Vulmon Subscribe to Product

todd miller sudo 1.6.9p21

todd miller sudo 1.6.7p5

todd miller sudo 1.6.1

todd miller sudo 1.6.6

todd miller sudo 1.6.9p22

todd miller sudo 1.6.2p3

todd miller sudo 1.6.4

todd miller sudo 1.6.8p12

todd miller sudo 1.6.2

todd miller sudo 1.6.7

todd miller sudo 1.6.9p23

todd miller sudo 1.6.5

todd miller sudo 1.6.3_p7

todd miller sudo 1.6.9

todd miller sudo 1.6.3

todd miller sudo 1.6.4p2

todd miller sudo 1.6.9p20

todd miller sudo 1.6

todd miller sudo 1.6.8

todd miller sudo 1.8.1p2

todd miller sudo 1.8.2

todd miller sudo 1.8.4p3

todd miller sudo 1.8.4p4

todd miller sudo 1.8.6p1

todd miller sudo 1.8.6p2

todd miller sudo 1.8.3

todd miller sudo 1.8.3p1

todd miller sudo 1.8.4p5

todd miller sudo 1.8.5

todd miller sudo 1.8.6p3

todd miller sudo 1.8.6p4

todd miller sudo 1.8.3p2

todd miller sudo 1.8.4

todd miller sudo 1.8.5p1

todd miller sudo 1.8.5p2

todd miller sudo 1.8.6p5

todd miller sudo 1.8.6p6

todd miller sudo 1.8.0

todd miller sudo 1.8.1

todd miller sudo 1.8.1p1

todd miller sudo 1.8.4p1

todd miller sudo 1.8.4p2

todd miller sudo 1.8.5p3

todd miller sudo 1.8.6

apple mac os x

todd miller sudo 1.7.2p2

todd miller sudo 1.7.2p3

todd miller sudo 1.7.0

todd miller sudo 1.7.2p4

todd miller sudo 1.7.4p1

todd miller sudo 1.7.4p6

todd miller sudo 1.7.8p2

todd miller sudo 1.7.9

todd miller sudo 1.7.10p5

todd miller sudo 1.7.10p6

todd miller sudo 1.7.3b1

todd miller sudo 1.7.2

todd miller sudo 1.7.1

todd miller sudo 1.7.4p4

todd miller sudo 1.7.5

todd miller sudo 1.7.6

todd miller sudo 1.7.9p1

todd miller sudo 1.7.10

todd miller sudo 1.7.4p5

todd miller sudo 1.7.2p6

todd miller sudo 1.7.2p7

todd miller sudo 1.7.4p2

todd miller sudo 1.7.6p1

todd miller sudo 1.7.6p2

todd miller sudo 1.7.7

todd miller sudo 1.7.10p1

todd miller sudo 1.7.10p2

todd miller sudo 1.7.2p1

todd miller sudo 1.7.2p5

todd miller sudo 1.7.4p3

todd miller sudo 1.7.4

todd miller sudo 1.7.8

todd miller sudo 1.7.8p1

todd miller sudo 1.7.10p3

todd miller sudo 1.7.10p4

Vendor Advisories

Red Hat: Low: sudo security and bug fix update
Synopsis Low: sudo security and bug fix update Type/Severity Security Advisory: Low Topic An updated sudo package that fixes multiple security issues and severalbugs is now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impact Common ...
Red Hat: Low: sudo security, bug fix and enhancement update
Synopsis Low: sudo security, bug fix and enhancement update Type/Severity Security Advisory: Low Topic An updated sudo package that fixes two security issues, several bugs, andadds two enhancements is now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as ha ...
Debian CVElist Bug Report Logs: sudo: CVE-2013-1775 authentication bypass when clock is reset
Debian Bug report logs - #701838 sudo: CVE-2013-1775 authentication bypass when clock is reset Package: sudo; Maintainer for sudo is Bdale Garbee <bdale@gagcom>; Source for sudo is src:sudo (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Wed, 27 Feb 2013 20:12:01 UTC Severity: grave Tags: secu ...
Ubuntu Security Notice: sudo vulnerability
Sudo could be made to run programs as the administrator without a password prompt ...
Debian Security Advisories: DSA-2642-1 sudo -- several issues
Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1775 Marco Schoepl discovered an authentication bypass when the clock is set to the UNIX epoch [00:00:00 UTC on 1 ...
Amazon Linux AMI: ALAS-2013-259
A flaw was found in the way sudo handled time stamp files An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password (CVE-2013-1775) It was found that sudo did not ...

Exploits

Exploit DB: Mac OS X Sudo Password Bypass
This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775 Tested working on Mac OS 107-1084, and possibly lower versions If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run th ...
Exploit DB: Apple Mac OSX - Sudo Password Bypass (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # # metasploitcom/ ## require 'shellwords' class Metasploit3 < Msf::Exploit::Local # ManualRanking because it's going to modify ...
Exploit DB: Apple Mac OSX 10.8.4 - Local Privilege Escalation (Python)
#!/usr/bin/python # Original MSF Module: # githubcom/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudo_password_bypassrb ################################################################################################### # Exploit Title: OSX <= 1084 Local Root Priv Escalation Root Reverse Shell # Date: 08-27- ...

Github Repositories

https://github.com/bekhzod0725/perl-CVE-2013-1775

CVE-2013-1775 Exploit written in Perl

CVE-2013-1775 Apple Mac OSX 1084 - Privilege Escalation Perl version of CVE-2013-1775 Apple Mac OSX 1084 - Privelege Escalation exploit References: wwwexploit-dbcom/exploits/27965/ githubcom/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudo_password_bypassrb wwwexploit-dbcom/exploits/27944/

References

CWE-264http://www.openwall.com/lists/oss-security/2013/02/27/22http://www.sudo.ws/repos/sudo/rev/ebd6cc75020fhttp://osvdb.org/90677http://www.sudo.ws/sudo/alerts/epoch_ticket.htmlhttp://www.sudo.ws/repos/sudo/rev/ddf399e3e306http://www.ubuntu.com/usn/USN-1754-1http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.htmlhttp://www.debian.org/security/2013/dsa-2642http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlhttp://support.apple.com/kb/HT5880http://rhn.redhat.com/errata/RHSA-2013-1353.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1701.htmlhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlhttps://support.apple.com/kb/HT205031http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.securityfocus.com/bid/58203https://access.redhat.com/errata/RHSA-2013:1353https://usn.ubuntu.com/1754-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/27944/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook