CVE-2013-1775
NONE EPSS 86.6%
Published Mar 5, 201313y ago · Modified Jun 16, 20262w ago
Published Mar 5, 2013 13y ago
Last Modified Jun 16, 2026 2w ago
Description
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
Threat Intelligence
EPSS Exploit Probability
86.6% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-264
Affected Products 80
| Vendor | Product | Version | Range |
|---|---|---|---|
| todd_miller | sudo | 1.6 | any |
| todd_miller | sudo | 1.6.1 | any |
| todd_miller | sudo | 1.6.2 | any |
| todd_miller | sudo | 1.6.2p3 | any |
| todd_miller | sudo | 1.6.3 | any |
| todd_miller | sudo | 1.6.3_p7 | any |
| todd_miller | sudo | 1.6.4 | any |
| todd_miller | sudo | 1.6.4p2 | any |
| todd_miller | sudo | 1.6.5 | any |
| todd_miller | sudo | 1.6.6 | any |
| todd_miller | sudo | 1.6.7 | any |
| todd_miller | sudo | 1.6.7p5 | any |
| todd_miller | sudo | 1.6.8 | any |
| todd_miller | sudo | 1.6.8p12 | any |
| todd_miller | sudo | 1.6.9 | any |
| todd_miller | sudo | 1.6.9p20 | any |
| todd_miller | sudo | 1.6.9p21 | any |
| todd_miller | sudo | 1.6.9p22 | any |
| todd_miller | sudo | 1.6.9p23 | any |
| todd_miller | sudo | 1.8.0 | any |
| todd_miller | sudo | 1.8.1 | any |
| todd_miller | sudo | 1.8.1p1 | any |
| todd_miller | sudo | 1.8.1p2 | any |
| todd_miller | sudo | 1.8.2 | any |
| todd_miller | sudo | 1.8.3 | any |
| todd_miller | sudo | 1.8.3p1 | any |
| todd_miller | sudo | 1.8.3p2 | any |
| todd_miller | sudo | 1.8.4 | any |
| todd_miller | sudo | 1.8.4p1 | any |
| todd_miller | sudo | 1.8.4p2 | any |
| todd_miller | sudo | 1.8.4p3 | any |
| todd_miller | sudo | 1.8.4p4 | any |
| todd_miller | sudo | 1.8.4p5 | any |
| todd_miller | sudo | 1.8.5 | any |
| todd_miller | sudo | 1.8.5p1 | any |
| todd_miller | sudo | 1.8.5p2 | any |
| todd_miller | sudo | 1.8.5p3 | any |
| todd_miller | sudo | 1.8.6 | any |
| todd_miller | sudo | 1.8.6p1 | any |
| todd_miller | sudo | 1.8.6p2 | any |
| todd_miller | sudo | 1.8.6p3 | any |
| todd_miller | sudo | 1.8.6p4 | any |
| todd_miller | sudo | 1.8.6p5 | any |
| todd_miller | sudo | 1.8.6p6 | any |
| apple | mac_os_x | * | ≤10.10.4 |
| todd_miller | sudo | 1.7.0 | any |
| todd_miller | sudo | 1.7.1 | any |
| todd_miller | sudo | 1.7.2 | any |
| todd_miller | sudo | 1.7.2p1 | any |
| todd_miller | sudo | 1.7.2p2 | any |
| todd_miller | sudo | 1.7.2p3 | any |
| todd_miller | sudo | 1.7.2p4 | any |
| todd_miller | sudo | 1.7.2p5 | any |
| todd_miller | sudo | 1.7.2p6 | any |
| todd_miller | sudo | 1.7.2p7 | any |
| todd_miller | sudo | 1.7.3b1 | any |
| todd_miller | sudo | 1.7.4 | any |
| todd_miller | sudo | 1.7.4p1 | any |
| todd_miller | sudo | 1.7.4p2 | any |
| todd_miller | sudo | 1.7.4p3 | any |
| todd_miller | sudo | 1.7.4p4 | any |
| todd_miller | sudo | 1.7.4p5 | any |
| todd_miller | sudo | 1.7.4p6 | any |
| todd_miller | sudo | 1.7.5 | any |
| todd_miller | sudo | 1.7.6 | any |
| todd_miller | sudo | 1.7.6p1 | any |
| todd_miller | sudo | 1.7.6p2 | any |
| todd_miller | sudo | 1.7.7 | any |
| todd_miller | sudo | 1.7.8 | any |
| todd_miller | sudo | 1.7.8p1 | any |
| todd_miller | sudo | 1.7.8p2 | any |
| todd_miller | sudo | 1.7.9 | any |
| todd_miller | sudo | 1.7.9p1 | any |
| todd_miller | sudo | 1.7.10 | any |
| todd_miller | sudo | 1.7.10p1 | any |
| todd_miller | sudo | 1.7.10p2 | any |
| todd_miller | sudo | 1.7.10p3 | any |
| todd_miller | sudo | 1.7.10p4 | any |
| todd_miller | sudo | 1.7.10p5 | any |
| todd_miller | sudo | 1.7.10p6 | any |
References 17
- lists.apple.com http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
- lists.apple.com http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
- osvdb.org http://osvdb.org/90677
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-1353.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-1701.html
- support.apple.com http://support.apple.com/kb/HT5880
- debian.org http://www.debian.org/security/2013/dsa-2642
- openwall.com http://www.openwall.com/lists/oss-security/2013/02/27/22
- oracle.com http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- securityfocus.com http://www.securityfocus.com/bid/58203
- slackware.com http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
- sudo.ws http://www.sudo.ws/repos/sudo/rev/ddf399e3e306
- sudo.ws http://www.sudo.ws/repos/sudo/rev/ebd6cc75020f
- sudo.ws http://www.sudo.ws/sudo/alerts/epoch_ticket.html
- ubuntu.com http://www.ubuntu.com/usn/USN-1754-1
- support.apple.com https://support.apple.com/kb/HT205031