FKIE_CVE-2013-1776

Vulnerability from fkie_nvd - Published: 2013-04-08 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
References
secalert@redhat.comhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2013-1353.html
secalert@redhat.comhttp://www.debian.org/security/2013/dsa-2642
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2013/02/27/31
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
secalert@redhat.comhttp://www.securityfocus.com/bid/58207
secalert@redhat.comhttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
secalert@redhat.comhttp://www.sudo.ws/repos/sudo/rev/632f8e028191
secalert@redhat.comhttp://www.sudo.ws/repos/sudo/rev/6b22be4d09f0
secalert@redhat.comhttp://www.sudo.ws/sudo/alerts/tty_tickets.htmlVendor Advisory
secalert@redhat.comhttps://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=916365
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/82453
secalert@redhat.comhttps://support.apple.com/kb/HT205031Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-1353.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2013/dsa-2642
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2013/02/27/31
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/58207
af854a3a-2127-422b-91ae-364da2661108http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/repos/sudo/rev/632f8e028191
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/repos/sudo/rev/6b22be4d09f0
af854a3a-2127-422b-91ae-364da2661108http://www.sudo.ws/sudo/alerts/tty_tickets.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=916365
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/82453
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/kb/HT205031Vendor Advisory
Impacted products
Vendor Product Version
apple mac_os_x *
todd_miller sudo 1.8.0
todd_miller sudo 1.8.1
todd_miller sudo 1.8.1p1
todd_miller sudo 1.8.1p2
todd_miller sudo 1.8.2
todd_miller sudo 1.8.3
todd_miller sudo 1.8.3p1
todd_miller sudo 1.8.3p2
todd_miller sudo 1.8.4
todd_miller sudo 1.8.4p1
todd_miller sudo 1.8.4p2
todd_miller sudo 1.8.4p3
todd_miller sudo 1.8.4p4
todd_miller sudo 1.8.4p5
todd_miller sudo 1.8.5
todd_miller sudo 1.3.5
todd_miller sudo 1.6
todd_miller sudo 1.6.1
todd_miller sudo 1.6.2
todd_miller sudo 1.6.2p3
todd_miller sudo 1.6.3
todd_miller sudo 1.6.3_p7
todd_miller sudo 1.6.4
todd_miller sudo 1.6.4p2
todd_miller sudo 1.6.5
todd_miller sudo 1.6.6
todd_miller sudo 1.6.7
todd_miller sudo 1.6.7p5
todd_miller sudo 1.6.8
todd_miller sudo 1.6.8p12
todd_miller sudo 1.6.9
todd_miller sudo 1.6.9p20
todd_miller sudo 1.6.9p21
todd_miller sudo 1.6.9p22
todd_miller sudo 1.6.9p23
todd_miller sudo 1.7.0
todd_miller sudo 1.7.1
todd_miller sudo 1.7.2
todd_miller sudo 1.7.2p1
todd_miller sudo 1.7.2p2
todd_miller sudo 1.7.2p3
todd_miller sudo 1.7.2p4
todd_miller sudo 1.7.2p5
todd_miller sudo 1.7.2p6
todd_miller sudo 1.7.2p7
todd_miller sudo 1.7.3b1
todd_miller sudo 1.7.4
todd_miller sudo 1.7.4p1
todd_miller sudo 1.7.4p2
todd_miller sudo 1.7.4p3
todd_miller sudo 1.7.4p4
todd_miller sudo 1.7.4p5
todd_miller sudo 1.7.4p6
todd_miller sudo 1.7.5
todd_miller sudo 1.7.6
todd_miller sudo 1.7.6p1
todd_miller sudo 1.7.6p2
todd_miller sudo 1.7.7
todd_miller sudo 1.7.8
todd_miller sudo 1.7.8p1
todd_miller sudo 1.7.8p2
todd_miller sudo 1.7.9
todd_miller sudo 1.7.9p1
todd_miller sudo 1.7.10
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
              "versionEndIncluding": "10.10.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCE5D7D-D269-4A10-B3C0-C5177F30BD29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F57804C-633D-4A0C-AF73-21C0BFBEA715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2447F3-85CF-40F2-9472-B3775DE034DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B06006-124F-4B11-BEC3-D0E5060FCB56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97FF463B-A0BE-4E14-B644-F42D5D5CAB9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2224F7BC-145F-4E06-AAD8-280AD42339CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "344BF379-17AF-4296-B0A7-947B09C1581B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CA5CE6-F191-4FC2-AA36-562EB59E28F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0403E11-4280-49C2-9E38-E0524BC31768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B9393C-63FD-47EF-99F6-AF0186A248F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F2050DA-B737-437A-8BFA-76F0D4C41DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "91329D57-58F5-4159-B156-889D78B9935D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4548A6F5-EEB8-48BB-9653-9676FEBA63BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "19B53B8A-6EF1-42BE-90A0-90EE65FBD0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A71D36B-D2FD-4EDA-9D99-BF9F44DA980D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4F3BEB-BF2B-4E5F-A376-E23E6B532E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EF4CB38-4033-46A1-9155-DC348261CAEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFC86C-7743-4F27-BC10-170F04C23D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "55799ECB-CEB1-4839-8053-4C1F071D1526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2170CFD0-2594-45FB-B68F-0A75114F00A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "294FC65B-4225-475A-B49A-758823CEDECD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6156B085-AA17-458C-AED1-D658275E43B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "85AA3DDA-BEC4-422D-8542-3FF5C6F5FA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3604EC-3109-41AF-9068-60C639557BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE103608-6BCB-4EC0-8EB1-110A80829592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F03EF9C-D90D-425E-AC35-8DD02B7C03F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC8D478-8554-4947-926A-8B1B27DD122D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*",
              "matchCriteriaId": "64435258-4639-438E-825F-E6AA82D41745",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33BC128-A782-465A-8AF0-860EBC8388EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "643ABD1F-83E1-4B71-AA59-8CF8B4018A46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8967DE4C-3D41-4BCE-97B0-469FCFBCE332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0D8CB9-3156-4F7F-A616-59EF530540D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C91B0A-44B6-4B33-A0ED-295C56D97546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07945224-A955-4A33-B54B-11D128FCA0F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "41F70C45-9522-4F49-A5B9-62E03410F03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FEF4FBB-E045-43CE-A9F9-3FF7F9FE3400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*",
              "matchCriteriaId": "68372F8A-9AFD-45DE-A9B8-4CDF3154E349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "77DC6C6B-4585-401D-B02E-E70E6157DBC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55788B87-B41B-43F4-BA54-5208A4233500",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "837DD56D-267D-4AAA-9DB3-4B42FAE6E10C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "444B3D9E-51F6-4CED-9265-576DBDE40897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73FB7063-441C-445B-9C2E-BF92C8F3F43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D4170A7-4824-4108-A8CA-988F0E3F3747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "93EB0CA9-CE51-4AA3-AF29-4F201EB1A45D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "54614B98-E779-4FD9-ABF0-3ACA3F49921F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A84C0BBA-8C4F-457E-A45E-A4C4DB357B61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A22F86-72E8-42AE-BD52-BFF6498AB999",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C585A90-21F0-4BCF-85A4-BF470F581CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6FF76-F715-489B-8113-F9E00ADAD739",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DD87C06-62F3-4A7B-B7C1-055C41B9A7C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "28E7BF14-597B-4C3F-A8CE-5359C047F9C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D329BB-490F-4903-93FC-E45AF6EAEE4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA124FE0-B4E7-4F2E-B611-25D9897C32B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "662FC083-721B-416B-A081-0C474D6764E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A426F146-45BD-4666-81C0-00B719206288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBEB4E5-5B8D-4D01-A2A6-8BD6C39B39C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "46C40A7E-2ED8-4D13-A381-A219CC6B1B15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal.  NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
    },
    {
      "lang": "es",
      "value": "sudo v1.3.5 hasta v1.7.10 y v1.8.0 hasta  v1.8.5, cuando la opci\u00f3n tty_tickets est\u00e1 activada, no valida correctamente el dispositivo terminal de control, lo que permite a los usuarios locales con permisos de sudo para secuestrar a la autorizaci\u00f3n de otra terminal a trav\u00e9s de vectores relacionados con una sesi\u00f3n sin un dispositivo terminal de control y la conexi\u00f3n a una entrada est\u00e1ndar, salida, y descriptores de error de archivo de otros terminal. NOTA: esta es una de las tres vulnerabilidades estrechamente relacionadas con las que se asign\u00f3 originalmente a CVE-2013-1776, pero se han dividido debido a las diferentes versiones afectadas."
    }
  ],
  "id": "CVE-2013-1776",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-08T17:55:01.100",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2013/dsa-2642"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/58207"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.sudo.ws/repos/sudo/rev/632f8e028191"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.sudo.ws/repos/sudo/rev/6b22be4d09f0"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2013/dsa-2642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/58207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sudo.ws/repos/sudo/rev/632f8e028191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sudo.ws/repos/sudo/rev/6b22be4d09f0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.