Test ID:	1.3.6.1.4.1.25623.1.1.4.2013.1594.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2013:1594-1)
Summary:	The remote host is missing an update for the 'sudo' package(s) announced via the SUSE-SU-2013:1594-1 advisory.
Description:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the SUSE-SU-2013:1594-1 advisory. Vulnerability Insight: This LTSS rollup update fixes the following security issues which allowed to bypass the sudo authentication: * CVE-2013-1775: sudo allowed local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. * CVE-2013-1776: sudo, when the tty_tickets option is enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to a standard input, output, and error file descriptors of another terminal. * CVE-2013-2776: sudo, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to a standard input, output, and error file descriptors of another terminal. * CVE-2013-2777: sudo, when the tty_tickets option is enabled, did not properly validate the controlling terminal device, which allowed local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to a standard input, output, and error file descriptors of another terminal. Also a non-security bug was fixed: * set global ldap option before ldap init (bnc#760697) Security Issue references: * CVE-2013-1775 > * CVE-2013-1776 > * CVE-2013-2776 > * CVE-2013-2777 > Affected Software/OS: 'sudo' package(s) on SUSE Linux Enterprise Server 11-SP1. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1775 http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 58203 http://www.securityfocus.com/bid/58203 Debian Security Information: DSA-2642 (Google Search) http://www.debian.org/security/2013/dsa-2642 http://www.openwall.com/lists/oss-security/2013/02/27/22 http://osvdb.org/90677 RedHat Security Advisories: RHSA-2013:1353 http://rhn.redhat.com/errata/RHSA-2013-1353.html RedHat Security Advisories: RHSA-2013:1701 http://rhn.redhat.com/errata/RHSA-2013-1701.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440 SuSE Security Announcement: openSUSE-SU-2013:0495 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html http://www.ubuntu.com/usn/USN-1754-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1776 BugTraq ID: 58207 http://www.securityfocus.com/bid/58207 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839 https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023 https://bugzilla.redhat.com/show_bug.cgi?id=916365 http://www.openwall.com/lists/oss-security/2013/02/27/31 XForce ISS Database: sudo-ttytickets-sec-bypass(82453) https://exchange.xforce.ibmcloud.com/vulnerabilities/82453 Common Vulnerability Exposure (CVE) ID: CVE-2013-2776 BugTraq ID: 62741 http://www.securityfocus.com/bid/62741 Common Vulnerability Exposure (CVE) ID: CVE-2013-2777
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.