Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability

Bugtraq ID: 58203
Class: Design Error
CVE: CVE-2013-1775
Remote: No
Local: Yes
Published: Feb 27 2013 12:00AM
Updated: Oct 01 2013 02:17PM
Credit: Marco Schoepl
Vulnerable: Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Todd Miller Sudo 1.8.3
Todd Miller Sudo 1.8.2
Todd Miller Sudo 1.8.2
Todd Miller Sudo 1.8.1
Todd Miller Sudo 1.8
Todd Miller Sudo 1.7
Todd Miller Sudo 1.6.9 p19
Todd Miller Sudo 1.6.9 p18
Todd Miller Sudo 1.6.9 p17
Todd Miller Sudo 1.6.8 p9
Todd Miller Sudo 1.6.8 p8
+ OpenPKG OpenPKG 2.4
+ OpenPKG OpenPKG Current
 + Red Hat Fedora Core4
 Todd Miller Sudo 1.6.8 p7
+ Debian Linux 3.1 sparc
 + Debian Linux 3.1 s/390
 + Debian Linux 3.1 ppc
 + Debian Linux 3.1 mipsel
 + Debian Linux 3.1 mips
 + Debian Linux 3.1 m68k
 + Debian Linux 3.1 ia-64
 + Debian Linux 3.1 ia-32
 + Debian Linux 3.1 hppa
 + Debian Linux 3.1 arm
 + Debian Linux 3.1 amd64
 + Debian Linux 3.1 alpha
 + Debian Linux 3.1
+ OpenPKG OpenPKG 2.3
Todd Miller Sudo 1.6.8 p5
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
 + Ubuntu Ubuntu Linux 5.0 4 i386
 + Ubuntu Ubuntu Linux 5.0 4 amd64
 Todd Miller Sudo 1.6.8 p4
Todd Miller Sudo 1.6.8 p2
+ Trustix Secure Linux 2.2
Todd Miller Sudo 1.6.8 p12
Todd Miller Sudo 1.6.8 p1
+ Mandriva Linux Mandrake 10.2 x86_64
 + Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
 + Mandriva Linux Mandrake 10.1
+ OpenPKG OpenPKG 2.2
+ OpenPKG OpenPKG Current
 Todd Miller Sudo 1.6.8
Todd Miller Sudo 1.6.7 p5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ MandrakeSoft Corporate Server 3.0 x86_64
 + MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
 + Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.1
+ Red Hat Fedora Core3
 + Ubuntu Ubuntu Linux 4.1 ppc
 + Ubuntu Ubuntu Linux 4.1 ia64
 + Ubuntu Ubuntu Linux 4.1 ia32
 Todd Miller Sudo 1.6.7
Todd Miller Sudo 1.6.6
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
 + Conectiva Linux ecommerce
 + Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
+ MandrakeSoft Corporate Server 2.1 x86_64
 + MandrakeSoft Corporate Server 2.1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5 p2
+ NetBSD NetBSD 1.5.2
+ OpenBSD OpenBSD 3.1
 + RedHat Linux 7.2 ia64
 + RedHat Linux 7.2 i386
 + RedHat Linux 7.2 alpha
 + RedHat Linux 7.1 ia64
 + RedHat Linux 7.1 i386
 + RedHat Linux 7.1 alpha
 + RedHat Linux 7.0 i386
 + RedHat Linux 7.0 alpha
 - RedHat Linux 6.2 sparc
 - RedHat Linux 6.2 i386
 - RedHat Linux 6.2 alpha
 + S.u.S.E. Linux 8.0 i386
 + S.u.S.E. Linux 8.0
Todd Miller Sudo 1.6.5 p1
+ Slackware Linux 8.0
Todd Miller Sudo 1.6.5
Todd Miller Sudo 1.6.4 p2
Todd Miller Sudo 1.6.4 p1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ Conectiva Linux 5.1
+ Conectiva Linux 5.0
+ Conectiva Linux graficas
 + Conectiva Linux ecommerce
 Todd Miller Sudo 1.6.4
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
 + Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
 + Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
 + RedHat Linux 7.2 i386
 + RedHat Linux 7.2 alpha
 + RedHat Linux 7.1 ia64
 + RedHat Linux 7.1 i386
 + RedHat Linux 7.1 alpha
 + RedHat Linux 7.0 i386
 + RedHat Linux 7.0 alpha
 - RedHat Linux 6.2 sparc
 - RedHat Linux 6.2 i386
 - RedHat Linux 6.2 alpha
 Todd Miller Sudo 1.6.3 p7
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ RedHat Linux 7.2 ia64
 + RedHat Linux 7.2 i386
 + S.u.S.E. Linux 7.3 sparc
 + S.u.S.E. Linux 7.3 ppc
 + S.u.S.E. Linux 7.3 i386
 + S.u.S.E. Linux 7.3
+ Slackware Linux 8.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
Todd Miller Sudo 1.6.3 p6
+ Guardian Digital Engarde Secure Linux 1.0.1
+ Guardian Digital Engarde Secure Linux 1.0.1
+ HP Secure OS software for Linux 1.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
 + RedHat Linux 7.1 ia64
 + RedHat Linux 7.1 i386
 + RedHat Linux 7.1 i386
 + RedHat Linux 7.1 alpha
 + RedHat Linux 7.1 alpha
 + S.u.S.E. Linux 7.2 i386
 + S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
 + S.u.S.E. Linux 7.1 x86
 + S.u.S.E. Linux 7.1 sparc
 + S.u.S.E. Linux 7.1 sparc
 + S.u.S.E. Linux 7.1 ppc
 + S.u.S.E. Linux 7.1 ppc
 + S.u.S.E. Linux 7.1 alpha
 + S.u.S.E. Linux 7.1 alpha
 + S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
 + S.u.S.E. Linux 7.0 sparc
 + S.u.S.E. Linux 7.0 ppc
 + S.u.S.E. Linux 7.0 ppc
 + S.u.S.E. Linux 7.0 i386
 + S.u.S.E. Linux 7.0 i386
 + S.u.S.E. Linux 7.0 alpha
 + S.u.S.E. Linux 7.0 alpha
 + S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0
+ Wirex Immunix OS 7.0
+ Wirex Immunix OS 7.0
Todd Miller Sudo 1.6.3 p5
Todd Miller Sudo 1.6.3 p4
+ Slackware Linux 7.1
Todd Miller Sudo 1.6.3 p3
Todd Miller Sudo 1.6.3 p2
Todd Miller Sudo 1.6.3 p1
Todd Miller Sudo 1.6.3
+ RedHat Linux 7.0 i386
 + RedHat Linux 7.0 alpha
 Todd Miller Sudo 1.6.2
- Debian Linux 2.2
Todd Miller Sudo 1.6.1
Todd Miller Sudo 1.6
Todd Miller Sudo 1.8.4p5
Todd Miller Sudo 1.8.3p2
Todd Miller Sudo 1.8.3p1
Todd Miller Sudo 1.6.9 p23
Todd Miller Sudo 1.6.9 p22
Todd Miller Sudo 1.6.9 p21
Todd Miller Sudo 1.6.9 p20
Slackware Linux x86_64 -current
Slackware Linux 13.37 x86_64
Slackware Linux 13.37
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.0
Slackware Linux 12.2
Slackware Linux 12.1
Slackware Linux -current
Red Hat Fedora 17
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus