Описание
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2013-1775
- https://support.apple.com/kb/HT205031
- http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
- http://osvdb.org/90677
- http://rhn.redhat.com/errata/RHSA-2013-1353.html
- http://rhn.redhat.com/errata/RHSA-2013-1701.html
- http://support.apple.com/kb/HT5880
- http://www.debian.org/security/2013/dsa-2642
- http://www.openwall.com/lists/oss-security/2013/02/27/22
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/58203
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
- http://www.sudo.ws/repos/sudo/rev/ddf399e3e306
- http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f
- http://www.sudo.ws/sudo/alerts/epoch_ticket.html
- http://www.ubuntu.com/usn/USN-1754-1
EPSS
CVE ID
Связанные уязвимости
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows loca ...
ELSA-2013-1701: sudo security, bug fix and enhancement update (LOW)
EPSS