CVE-2013-1775

CVE Details

Release Date:2013-02-27

Description


sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.

See more information about CVE-2013-1775 from MITRE CVE dictionary and NIST NVD


CVSS v2.0 metrics


NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.

Base Score: 2.1 Base Metrics: AV:L/AC:L/Au:N/C:N/I:P/A:N
Access Vector: Local network Attack Complexity: Low
Authentication: None required Confidentiality Impact: None
Integrity Impact: Partial Availability Impact: None

Errata information


PlatformErrataRelease Date
Oracle Linux version 5 (sudo)ELSA-2013-13532013-10-02
Oracle Linux version 6 (sudo)ELSA-2013-17012013-11-25
Oracle VM version 3.2 (sudo)OVMSA-2016-00792016-06-20



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete