CVE-2013-1775
sudo - several issues
EPSS 8.1%
Description
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
How to fix CVE-2013-1775
To remediate CVE-2013-1775, upgrade the affected package to a fixed version below.
- Debian/sudo—upgrade to 1.8.5p2-1+nmu1 or later
- Debian/sudo—upgrade to 1.7.4p4-2.squeeze.4 or later
Is CVE-2013-1775 being exploited?
Moderate — EPSS is 8.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.8.5p2-1+nmu1
- from 0, < 1.7.4p4-2.squeeze.4