QwikSec

Security Database

CVE

CWE

Training

CVE-2013-1775

Published: Mar 4, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

http://www.sudo.ws/repos/sudo/rev/ddf399e3e306

x_refsource_CONFIRM

http://www.sudo.ws/sudo/alerts/epoch_ticket.html

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2013:0495

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

APPLE-SA-2015-08-13-2

vendor-advisory

x_refsource_APPLE

APPLE-SA-2013-09-12-1

vendor-advisory

x_refsource_APPLE

SSA:2013-065-01

vendor-advisory

x_refsource_SLACKWARE

[oss-security] 20130227 CVE request: sudo authentication bypass when clock is reset

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

https://support.apple.com/kb/HT205031

x_refsource_CONFIRM

http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f

x_refsource_CONFIRM

http://support.apple.com/kb/HT5880

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.