6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.1%
Name | sudo_timestamp |
---|---|
CVE | CVE-2013-1775 Exploit Pack |
VENDOR: Intel, GNU/Linux, Apple | |
Notes: | |
This exploit runs on GNU/Linux and MacOS X. |
On both systems this exploit requires:
- User has run at least once “sudo”
- User is an admin
On GNU/Linux it also requires that the user is currently logged in
on a wm session and has an open terminal with a bound sudo timestamp
ticket (an open pts/ on which the user has run sudo at least once).
Repeatability: Infinite
References: http://www.sudo.ws/sudo/alerts/epoch_ticket.html
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1775