Executive Summary

Informations
Name CVE-2013-2776 First vendor Publication 2013-04-08
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.4 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2776

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:27220
 
Oval ID: oval:org.mitre.oval:def:27220
Title: RHSA-2013:1353 -- sudo security and bug fix update (Low)
Description: The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-1775) It was found that sudo did not properly validate the controlling terminal device when the tty_tickets option was enabled in the /etc/sudoers file. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-1776, CVE-2013-2776) This update also fixes the following bugs: * Due to a bug in the cycle detection algorithm of the visudo utility, visudo incorrectly evaluated certain alias definitions in the /etc/sudoers file as cycles. Consequently, a warning message about undefined aliases appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by visudo and the warning message no longer appears. (BZ#849679) * Previously, the 'sudo -l' command did not parse the /etc/sudoers file correctly if it contained an Active Directory (AD) group. The file was parsed only up to the first AD group information and then the parsing failed with the following message: sudo: unable to cache group ADDOM\admingroup, already exists With this update, the underlying code has been modified and 'sudo -l' now parses /etc/sudoers containing AD groups correctly. (BZ#855836) * Previously, the sudo utility did not escape the backslash characters contained in user names properly. Consequently, if a system used sudo integrated with LDAP or Active Directory (AD) as the primary authentication mechanism, users were not able to authenticate on that system. With this update, sudo has been modified to process LDAP and AD names correctly and the authentication process now works as expected. (BZ#869287) * Prior to this update, the 'visudo -s (strict)' command incorrectly parsed certain alias definitions. Consequently, an error message was issued. The bug has been fixed, and parsing errors no longer occur when using 'visudo -s'. (BZ#905624) All sudo users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
Family: unix Class: patch
Reference(s): RHSA-2013:1353
CESA-2013:1353
CVE-2013-1775
CVE-2013-1776
CVE-2013-2776
 Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): sudo
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27476
 
Oval ID: oval:org.mitre.oval:def:27476
Title: ELSA-2013-1353 -- sudo security and bug fix update (low)
Description: [1.7.2p1-28] - backported fixes for CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 Resolves: rhbz#968221
Family: unix Class: patch
Reference(s): ELSA-2013-1353
CVE-2013-1775
CVE-2013-1776
CVE-2013-2776
 Version: 3
Platform(s): Oracle Linux 5
 Product(s): sudo
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 64
Os 102

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-08-20 IAVM : 2015-A-0199 - Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337

Nessus® Vulnerability Scanner

Date Description
2016-06-22 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2016-0079.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_5.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1701.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-1353.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO
2014-01-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-23.nasl - Type : ACT_GATHER_INFO
2013-12-14 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2013-259.nasl - Type : ACT_GATHER_INFO
2013-12-10 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_sudo_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1701.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1701.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130930_sudo_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-1353.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1353.nasl - Type : ACT_GATHER_INFO
2013-05-16 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_sudo-130430.nasl - Type : ACT_GATHER_INFO
2013-05-16 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_sudo-8562.nasl - Type : ACT_GATHER_INFO
2013-03-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2642.nasl - Type : ACT_GATHER_INFO
2013-03-07 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2013-065-01.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://rhn.redhat.com/errata/RHSA-2013-1353.html
http://rhn.redhat.com/errata/RHSA-2013-1701.html
http://www.debian.org/security/2013/dsa-2642
http://www.openwall.com/lists/oss-security/2013/02/27/31
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546....
http://www.securityfocus.com/bid/58207
http://www.securityfocus.com/bid/62741
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&...
http://www.sudo.ws/repos/sudo/rev/049a12a5cc14
http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa
http://www.sudo.ws/sudo/alerts/tty_tickets.html
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023
https://bugzilla.redhat.com/show_bug.cgi?id=916365
https://exchange.xforce.ibmcloud.com/vulnerabilities/82453
https://support.apple.com/kb/HT205031
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Date Informations
2024-11-28 12:35:13
  • Multiple Updates
2021-05-04 12:25:19
  • Multiple Updates
2021-04-22 01:30:16
  • Multiple Updates
2020-05-24 01:11:23
  • Multiple Updates
2020-05-23 00:37:11
  • Multiple Updates
2017-08-29 09:24:15
  • Multiple Updates
2016-11-29 00:24:49
  • Multiple Updates
2016-09-09 09:23:16
  • Multiple Updates
2016-09-01 01:01:41
  • Multiple Updates
2016-06-29 00:30:47
  • Multiple Updates
2016-06-28 19:31:13
  • Multiple Updates
2016-06-23 13:29:27
  • Multiple Updates
2016-03-31 05:24:13
  • Multiple Updates
2015-10-18 17:22:19
  • Multiple Updates
2015-08-18 13:34:47
  • Multiple Updates
2015-08-18 09:19:18
  • Multiple Updates
2014-11-13 13:26:50
  • Multiple Updates
2014-11-08 13:30:59
  • Multiple Updates
2014-02-17 11:19:56
  • Multiple Updates
2014-01-28 13:19:37
  • Multiple Updates
2014-01-08 13:19:47
  • Multiple Updates
2013-10-11 13:26:30
  • Multiple Updates
2013-09-12 13:20:23
  • Multiple Updates
2013-05-10 22:30:31
  • Multiple Updates
2013-04-09 21:19:39
  • Multiple Updates
2013-04-08 21:19:46
  • First insertion