Oracle Solaris Third-Party Patch Update : sudo (multiple_permissions_privileges_and_access)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Solaris system is missing a security patch for third-party
software.

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through
1.8.6p6 allows local users or physically proximate
attackers to bypass intended time restrictions and
retain privileges without re-authenticating by setting
the system clock and sudo user timestamp to the epoch.
(CVE-2013-1775)

- sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when
the tty_tickets option is enabled, does not properly
validate the controlling terminal device, which allows
local users with sudo permissions to hijack the
authorization of another terminal via vectors related to
connecting to the standard input, output, and error file
descriptors of another terminal. NOTE: this is one of
three closely-related vulnerabilities that were
originally assigned CVE-2013-1776, but they have been
SPLIT because of different affected versions.
(CVE-2013-1776)

See also :

http://www.nessus.org/u?b5f8def1
http://www.nessus.org/u?69db58b0

Solution :

Upgrade to Solaris 11.1.7.5.0.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Solaris Local Security Checks

Nessus Plugin ID: 80779 ()

Bugtraq ID:

CVE ID: CVE-2013-1775
CVE-2013-1776

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now