CVE-2013-2777

MEDIUM

Description

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://rhn.redhat.com/errata/RHSA-2013-1701.html

http://www.debian.org/security/2013/dsa-2642

http://www.openwall.com/lists/oss-security/2013/02/27/31

http://www.securityfocus.com/bid/58207

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440

http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4

http://www.sudo.ws/repos/sudo/rev/bfa23f089bba

http://www.sudo.ws/sudo/alerts/tty_tickets.html

https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023

https://bugzilla.redhat.com/show_bug.cgi?id=916365

https://exchange.xforce.ibmcloud.com/vulnerabilities/82453

https://support.apple.com/kb/HT205031

Details

Source: MITRE

Published: 2013-04-08

Updated: 2017-08-29

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to 10.10.4 (inclusive)

Configuration 2

OR

cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:*:*:*:*:*:*:*:* versions up to 1.7.10p4 (inclusive)

Configuration 3

OR

cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6p1:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6p2:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6p3:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6p4:*:*:*:*:*:*:*

cpe:2.3:a:todd_miller:sudo:1.8.6p5:*:*:*:*:*:*:*

Tenable Plugins

View all (13 total)

IDNameProductFamilySeverity
91755OracleVM 3.2 : sudo (OVMSA-2016-0079)NessusOracleVM Local Security Checks
medium
8981Mac OS X < 10.10.5 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
high
85408Mac OS X 10.10.x < 10.10.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
79173CentOS 6 : sudo (CESA-2013:1701)NessusCentOS Local Security Checks
medium
72078GLSA-201401-23 : sudo: Privilege escalationNessusGentoo Local Security Checks
medium
71399Amazon Linux AMI : sudo (ALAS-2013-259)NessusAmazon Linux Local Security Checks
medium
71300Scientific Linux Security Update : sudo on SL6.x i386/x86_64 (20131121)NessusScientific Linux Local Security Checks
medium
71112Oracle Linux 6 : sudo (ELSA-2013-1701)NessusOracle Linux Local Security Checks
medium
71017RHEL 6 : sudo (RHSA-2013:1701)NessusRed Hat Local Security Checks
medium
66466SuSE 10 Security Update : sudo (ZYPP Patch Number 8562)NessusSuSE Local Security Checks
medium
66464SuSE 11.2 Security Update : sudo (SAT Patch Number 7705)NessusSuSE Local Security Checks
medium
65179Debian DSA-2642-1 : sudo - several issuesNessusDebian Local Security Checks
medium
65060Slackware 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 14.0 / current : sudo (SSA:2013-065-01)NessusSlackware Local Security Checks
medium