FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-1776

This CVE name corresponds to:

Entered     Topic
2013-03-01  sudo -- Potential bypass of tty_tickets constraints

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type   Candidate
Name   CVE-2013-1776
Phase  Assigned (20130219)

Description

sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

References

Source     Reference
MLIST      [oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints
MISC       http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839
MISC       https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023
MISC       https://bugzilla.redhat.com/show_bug.cgi?id=916365
CONFIRM    http://www.sudo.ws/repos/sudo/rev/632f8e028191
CONFIRM    http://www.sudo.ws/repos/sudo/rev/6b22be4d09f0
CONFIRM    http://www.sudo.ws/sudo/alerts/tty_tickets.html
DEBIAN     DSA-2642
REDHAT     RHSA-2013:1353
SLACKWARE  SSA:2013-065-01
SUSE       openSUSE-SU-2013:0495
BID        58207
XF         sudo-ttytickets-sec-bypass(82453)