Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2013-2776
Vulnerability from cvelistv5
Published
2013-04-08 17:00
Modified
2024-08-06 15:44
Severity ?
EPSS score ?
Summary
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"name": "58207",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58207"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"name": "RHSA-2013:1701",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"name": "DSA-2642",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "SSA:2013-065-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "62741",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62741"
},
{
"name": "RHSA-2013:1353",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"name": "58207",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58207"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"name": "RHSA-2013:1701",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"name": "DSA-2642",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "SSA:2013-065-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "62741",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62741"
},
{
"name": "RHSA-2013:1353",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"name": "58207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58207"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"name": "RHSA-2013:1701",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"name": "DSA-2642",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"name": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "SSA:2013-065-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "62741",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62741"
},
{
"name": "RHSA-2013:1353",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916365",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2776",
"datePublished": "2013-04-08T17:00:00",
"dateReserved": "2013-04-08T00:00:00",
"dateUpdated": "2024-08-06T15:44:33.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2013-2776\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-04-08T17:55:01.127\",\"lastModified\":\"2024-11-21T01:52:20.597\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.\"},{\"lang\":\"es\",\"value\":\"sudo v1.3.5 hasta v1.7.10p5 y v1.8.0 hasta v1.8.6p6, cuando se ejecuta en sistemas sin /proc o la funci\u00f3n sysctl con la opci\u00f3n tty_tickets habilitada, no valida correctamente el control de dispositivo terminal, lo que permite a los usuarios locales con permisos de sudo para secuestrar a la autorizaci\u00f3n de otra terminal a trav\u00e9s de vectores relacionados con una sesi\u00f3n sin un dispositivo terminal de control y la conexi\u00f3n a una entrada est\u00e1ndar, salida, y descriptores de error de archivo de otros terminal. NOTA: esta es una de las tres vulnerabilidades estrechamente relacionadas con las que se asign\u00f3 originalmente a CVE-2013-1776, pero se han dividido debido a las diferentes versiones afectadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC4F3BEB-BF2B-4E5F-A376-E23E6B532E81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976B5923-1BCC-4DE6-A904-930DD833B937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5452DF1-0270-452D-90EB-45E9A084B94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFD12E6-F92E-4371-ADA7-BCD41E4C9014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF4CB38-4033-46A1-9155-DC348261CAEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67FDF4FB-06FA-4A10-A3CF-F52169BC8072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26DB5610-03CE-425E-8855-70D5787029FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5DFC86C-7743-4F27-BC10-170F04C23D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55799ECB-CEB1-4839-8053-4C1F071D1526\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2170CFD0-2594-45FB-B68F-0A75114F00A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"294FC65B-4225-475A-B49A-758823CEDECD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6156B085-AA17-458C-AED1-D658275E43B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85AA3DDA-BEC4-422D-8542-3FF5C6F5FA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6419309-385F-4525-AD4B-C73B1A3ED935\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3604EC-3109-41AF-9068-60C639557BEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE103608-6BCB-4EC0-8EB1-110A80829592\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F03EF9C-D90D-425E-AC35-8DD02B7C03F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC8D478-8554-4947-926A-8B1B27DD122D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64435258-4639-438E-825F-E6AA82D41745\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C33BC128-A782-465A-8AF0-860EBC8388EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643ABD1F-83E1-4B71-AA59-8CF8B4018A46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8967DE4C-3D41-4BCE-97B0-469FCFBCE332\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C0D8CB9-3156-4F7F-A616-59EF530540D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C91B0A-44B6-4B33-A0ED-295C56D97546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07945224-A955-4A33-B54B-11D128FCA0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F70C45-9522-4F49-A5B9-62E03410F03E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FEF4FBB-E045-43CE-A9F9-3FF7F9FE3400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68372F8A-9AFD-45DE-A9B8-4CDF3154E349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77DC6C6B-4585-401D-B02E-E70E6157DBC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55788B87-B41B-43F4-BA54-5208A4233500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"837DD56D-267D-4AAA-9DB3-4B42FAE6E10C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444B3D9E-51F6-4CED-9265-576DBDE40897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73FB7063-441C-445B-9C2E-BF92C8F3F43D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D4170A7-4824-4108-A8CA-988F0E3F3747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93EB0CA9-CE51-4AA3-AF29-4F201EB1A45D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54614B98-E779-4FD9-ABF0-3ACA3F49921F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A84C0BBA-8C4F-457E-A45E-A4C4DB357B61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A22F86-72E8-42AE-BD52-BFF6498AB999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C585A90-21F0-4BCF-85A4-BF470F581CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5B6FF76-F715-489B-8113-F9E00ADAD739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DD87C06-62F3-4A7B-B7C1-055C41B9A7C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E7BF14-597B-4C3F-A8CE-5359C047F9C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4D329BB-490F-4903-93FC-E45AF6EAEE4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA124FE0-B4E7-4F2E-B611-25D9897C32B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"662FC083-721B-416B-A081-0C474D6764E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A426F146-45BD-4666-81C0-00B719206288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CBEB4E5-5B8D-4D01-A2A6-8BD6C39B39C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46C40A7E-2ED8-4D13-A381-A219CC6B1B15\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7958DC3-1D59-47CB-A4C8-40EB675ED08A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"119AC9FA-3174-4982-A58F-D5F8FACC7411\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF14E93E-29CA-4A30-966B-5D71A03A6B0A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.10.4\",\"matchCriteriaId\":\"7883E465-932D-4C11-AA54-97E44181F906\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E59EA28-3FED-4BBC-AEC6-BE60C3107494\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.7.10p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D576845C-2645-46E5-B6EE-C23FA80A44B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCE5D7D-D269-4A10-B3C0-C5177F30BD29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F57804C-633D-4A0C-AF73-21C0BFBEA715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2447F3-85CF-40F2-9472-B3775DE034DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5B06006-124F-4B11-BEC3-D0E5060FCB56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97FF463B-A0BE-4E14-B644-F42D5D5CAB9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2224F7BC-145F-4E06-AAD8-280AD42339CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"344BF379-17AF-4296-B0A7-947B09C1581B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1CA5CE6-F191-4FC2-AA36-562EB59E28F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0403E11-4280-49C2-9E38-E0524BC31768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03B9393C-63FD-47EF-99F6-AF0186A248F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F2050DA-B737-437A-8BFA-76F0D4C41DCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91329D57-58F5-4159-B156-889D78B9935D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4548A6F5-EEB8-48BB-9653-9676FEBA63BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B53B8A-6EF1-42BE-90A0-90EE65FBD0F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A71D36B-D2FD-4EDA-9D99-BF9F44DA980D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB3D2805-A361-4A13-9E19-889CBE703137\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C4F9EE-9907-46E8-980F-FEBC5591C1FD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DD19E7-A84F-4667-BFF7-C8D010648330\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E5AA45-D8C7-467C-BB10-0FE923C99D73\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6p4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9BD09D8-2388-444F-926A-78BD74469928\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:todd_miller:sudo:1.8.6p5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5F4C1EC-57BE-49E3-82AE-40B987059C41\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1353.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1701.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2642\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/27/31\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/58207\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/62741\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/049a12a5cc14\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.sudo.ws/sudo/alerts/tty_tickets.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=916365\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82453\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1353.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1701.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/02/27/31\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/58207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/62741\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/049a12a5cc14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.sudo.ws/sudo/alerts/tty_tickets.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=916365\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/82453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
gsd-2013-2776
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-2776",
"description": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"id": "GSD-2013-2776",
"references": [
"https://www.suse.com/security/cve/CVE-2013-2776.html",
"https://www.debian.org/security/2013/dsa-2642",
"https://access.redhat.com/errata/RHSA-2013:1701",
"https://access.redhat.com/errata/RHSA-2013:1353",
"https://alas.aws.amazon.com/cve/html/CVE-2013-2776.html",
"https://linux.oracle.com/cve/CVE-2013-2776.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-2776"
],
"details": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"id": "GSD-2013-2776",
"modified": "2023-12-13T01:22:17.285533Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"name": "58207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58207"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"name": "RHSA-2013:1701",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"name": "DSA-2642",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"name": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"refsource": "CONFIRM",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "SSA:2013-065-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "62741",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62741"
},
{
"name": "RHSA-2013:1353",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916365",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6p4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.7.10p4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:todd_miller:sudo:1.8.6p5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2776"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839",
"refsource": "MISC",
"tags": [],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023",
"refsource": "MISC",
"tags": [],
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"name": "58207",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/58207"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916365",
"refsource": "MISC",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"name": "[oss-security] 20130227 Re: CVE request: potential bypass of sudo tty_tickets constraints",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"name": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"name": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"name": "SSA:2013-065-01",
"refsource": "SLACKWARE",
"tags": [],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"name": "DSA-2642",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"name": "RHSA-2013:1353",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"name": "RHSA-2013:1701",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "62741",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/62741"
},
{
"name": "sudo-ttytickets-sec-bypass(82453)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-08-29T01:33Z",
"publishedDate": "2013-04-08T17:55Z"
}
}
}
rhsa-2013:1353
Vulnerability from csaf_redhat
Published
2013-09-30 20:30
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security and bug fix update
Notes
Topic
An updated sudo package that fixes multiple security issues and several
bugs is now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file. An
attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-1776, CVE-2013-2776)
This update also fixes the following bugs:
* Due to a bug in the cycle detection algorithm of the visudo utility,
visudo incorrectly evaluated certain alias definitions in the /etc/sudoers
file as cycles. Consequently, a warning message about undefined aliases
appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by
visudo and the warning message no longer appears. (BZ#849679)
* Previously, the 'sudo -l' command did not parse the /etc/sudoers file
correctly if it contained an Active Directory (AD) group. The file was
parsed only up to the first AD group information and then the parsing
failed with the following message:
sudo: unable to cache group ADDOM\admingroup, already exists
With this update, the underlying code has been modified and 'sudo -l' now
parses /etc/sudoers containing AD groups correctly. (BZ#855836)
* Previously, the sudo utility did not escape the backslash characters
contained in user names properly. Consequently, if a system used sudo
integrated with LDAP or Active Directory (AD) as the primary authentication
mechanism, users were not able to authenticate on that system. With this
update, sudo has been modified to process LDAP and AD names correctly and
the authentication process now works as expected. (BZ#869287)
* Prior to this update, the 'visudo -s (strict)' command incorrectly parsed
certain alias definitions. Consequently, an error message was issued. The
bug has been fixed, and parsing errors no longer occur when using 'visudo
-s'. (BZ#905624)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes multiple security issues and several\nbugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file. An\nattacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-1776, CVE-2013-2776)\n\nThis update also fixes the following bugs:\n\n* Due to a bug in the cycle detection algorithm of the visudo utility,\nvisudo incorrectly evaluated certain alias definitions in the /etc/sudoers\nfile as cycles. Consequently, a warning message about undefined aliases\nappeared. This bug has been fixed, /etc/sudoers is now parsed correctly by\nvisudo and the warning message no longer appears. (BZ#849679)\n\n* Previously, the \u0027sudo -l\u0027 command did not parse the /etc/sudoers file\ncorrectly if it contained an Active Directory (AD) group. The file was\nparsed only up to the first AD group information and then the parsing\nfailed with the following message:\n\n sudo: unable to cache group ADDOM\\admingroup, already exists\n\nWith this update, the underlying code has been modified and \u0027sudo -l\u0027 now\nparses /etc/sudoers containing AD groups correctly. (BZ#855836)\n\n* Previously, the sudo utility did not escape the backslash characters\ncontained in user names properly. Consequently, if a system used sudo\nintegrated with LDAP or Active Directory (AD) as the primary authentication\nmechanism, users were not able to authenticate on that system. With this\nupdate, sudo has been modified to process LDAP and AD names correctly and\nthe authentication process now works as expected. (BZ#869287)\n\n* Prior to this update, the \u0027visudo -s (strict)\u0027 command incorrectly parsed\ncertain alias definitions. Consequently, an error message was issued. The\nbug has been fixed, and parsing errors no longer occur when using \u0027visudo\n-s\u0027. (BZ#905624)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1353",
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "853203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853203"
},
{
"category": "external",
"summary": "856902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856902"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1353.json"
}
],
"title": "Red Hat Security Advisory: sudo security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T07:02:54+00:00",
"generator": {
"date": "2024-11-22T07:02:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1353",
"initial_release_date": "2013-09-30T20:30:00+00:00",
"revision_history": [
{
"date": "2013-09-30T20:30:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-09-30T20:31:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.src",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.src",
"product_id": "sudo-0:1.7.2p1-28.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-1776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916365"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1776"
},
{
"category": "external",
"summary": "RHBZ#916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
RHSA-2013:1353
Vulnerability from csaf_redhat
Published
2013-09-30 20:30
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security and bug fix update
Notes
Topic
An updated sudo package that fixes multiple security issues and several
bugs is now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file. An
attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-1776, CVE-2013-2776)
This update also fixes the following bugs:
* Due to a bug in the cycle detection algorithm of the visudo utility,
visudo incorrectly evaluated certain alias definitions in the /etc/sudoers
file as cycles. Consequently, a warning message about undefined aliases
appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by
visudo and the warning message no longer appears. (BZ#849679)
* Previously, the 'sudo -l' command did not parse the /etc/sudoers file
correctly if it contained an Active Directory (AD) group. The file was
parsed only up to the first AD group information and then the parsing
failed with the following message:
sudo: unable to cache group ADDOM\admingroup, already exists
With this update, the underlying code has been modified and 'sudo -l' now
parses /etc/sudoers containing AD groups correctly. (BZ#855836)
* Previously, the sudo utility did not escape the backslash characters
contained in user names properly. Consequently, if a system used sudo
integrated with LDAP or Active Directory (AD) as the primary authentication
mechanism, users were not able to authenticate on that system. With this
update, sudo has been modified to process LDAP and AD names correctly and
the authentication process now works as expected. (BZ#869287)
* Prior to this update, the 'visudo -s (strict)' command incorrectly parsed
certain alias definitions. Consequently, an error message was issued. The
bug has been fixed, and parsing errors no longer occur when using 'visudo
-s'. (BZ#905624)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes multiple security issues and several\nbugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file. An\nattacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-1776, CVE-2013-2776)\n\nThis update also fixes the following bugs:\n\n* Due to a bug in the cycle detection algorithm of the visudo utility,\nvisudo incorrectly evaluated certain alias definitions in the /etc/sudoers\nfile as cycles. Consequently, a warning message about undefined aliases\nappeared. This bug has been fixed, /etc/sudoers is now parsed correctly by\nvisudo and the warning message no longer appears. (BZ#849679)\n\n* Previously, the \u0027sudo -l\u0027 command did not parse the /etc/sudoers file\ncorrectly if it contained an Active Directory (AD) group. The file was\nparsed only up to the first AD group information and then the parsing\nfailed with the following message:\n\n sudo: unable to cache group ADDOM\\admingroup, already exists\n\nWith this update, the underlying code has been modified and \u0027sudo -l\u0027 now\nparses /etc/sudoers containing AD groups correctly. (BZ#855836)\n\n* Previously, the sudo utility did not escape the backslash characters\ncontained in user names properly. Consequently, if a system used sudo\nintegrated with LDAP or Active Directory (AD) as the primary authentication\nmechanism, users were not able to authenticate on that system. With this\nupdate, sudo has been modified to process LDAP and AD names correctly and\nthe authentication process now works as expected. (BZ#869287)\n\n* Prior to this update, the \u0027visudo -s (strict)\u0027 command incorrectly parsed\ncertain alias definitions. Consequently, an error message was issued. The\nbug has been fixed, and parsing errors no longer occur when using \u0027visudo\n-s\u0027. (BZ#905624)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1353",
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "853203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853203"
},
{
"category": "external",
"summary": "856902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856902"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1353.json"
}
],
"title": "Red Hat Security Advisory: sudo security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T07:02:54+00:00",
"generator": {
"date": "2024-11-22T07:02:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1353",
"initial_release_date": "2013-09-30T20:30:00+00:00",
"revision_history": [
{
"date": "2013-09-30T20:30:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-09-30T20:31:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.src",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.src",
"product_id": "sudo-0:1.7.2p1-28.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-1776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916365"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1776"
},
{
"category": "external",
"summary": "RHBZ#916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
rhsa-2013_1353
Vulnerability from csaf_redhat
Published
2013-09-30 20:30
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security and bug fix update
Notes
Topic
An updated sudo package that fixes multiple security issues and several
bugs is now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file. An
attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-1776, CVE-2013-2776)
This update also fixes the following bugs:
* Due to a bug in the cycle detection algorithm of the visudo utility,
visudo incorrectly evaluated certain alias definitions in the /etc/sudoers
file as cycles. Consequently, a warning message about undefined aliases
appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by
visudo and the warning message no longer appears. (BZ#849679)
* Previously, the 'sudo -l' command did not parse the /etc/sudoers file
correctly if it contained an Active Directory (AD) group. The file was
parsed only up to the first AD group information and then the parsing
failed with the following message:
sudo: unable to cache group ADDOM\admingroup, already exists
With this update, the underlying code has been modified and 'sudo -l' now
parses /etc/sudoers containing AD groups correctly. (BZ#855836)
* Previously, the sudo utility did not escape the backslash characters
contained in user names properly. Consequently, if a system used sudo
integrated with LDAP or Active Directory (AD) as the primary authentication
mechanism, users were not able to authenticate on that system. With this
update, sudo has been modified to process LDAP and AD names correctly and
the authentication process now works as expected. (BZ#869287)
* Prior to this update, the 'visudo -s (strict)' command incorrectly parsed
certain alias definitions. Consequently, an error message was issued. The
bug has been fixed, and parsing errors no longer occur when using 'visudo
-s'. (BZ#905624)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes multiple security issues and several\nbugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file. An\nattacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-1776, CVE-2013-2776)\n\nThis update also fixes the following bugs:\n\n* Due to a bug in the cycle detection algorithm of the visudo utility,\nvisudo incorrectly evaluated certain alias definitions in the /etc/sudoers\nfile as cycles. Consequently, a warning message about undefined aliases\nappeared. This bug has been fixed, /etc/sudoers is now parsed correctly by\nvisudo and the warning message no longer appears. (BZ#849679)\n\n* Previously, the \u0027sudo -l\u0027 command did not parse the /etc/sudoers file\ncorrectly if it contained an Active Directory (AD) group. The file was\nparsed only up to the first AD group information and then the parsing\nfailed with the following message:\n\n sudo: unable to cache group ADDOM\\admingroup, already exists\n\nWith this update, the underlying code has been modified and \u0027sudo -l\u0027 now\nparses /etc/sudoers containing AD groups correctly. (BZ#855836)\n\n* Previously, the sudo utility did not escape the backslash characters\ncontained in user names properly. Consequently, if a system used sudo\nintegrated with LDAP or Active Directory (AD) as the primary authentication\nmechanism, users were not able to authenticate on that system. With this\nupdate, sudo has been modified to process LDAP and AD names correctly and\nthe authentication process now works as expected. (BZ#869287)\n\n* Prior to this update, the \u0027visudo -s (strict)\u0027 command incorrectly parsed\ncertain alias definitions. Consequently, an error message was issued. The\nbug has been fixed, and parsing errors no longer occur when using \u0027visudo\n-s\u0027. (BZ#905624)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1353",
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "853203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=853203"
},
{
"category": "external",
"summary": "856902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856902"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1353.json"
}
],
"title": "Red Hat Security Advisory: sudo security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T07:02:54+00:00",
"generator": {
"date": "2024-11-22T07:02:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1353",
"initial_release_date": "2013-09-30T20:30:00+00:00",
"revision_history": [
{
"date": "2013-09-30T20:30:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-09-30T20:31:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.src",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.src",
"product_id": "sudo-0:1.7.2p1-28.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.7.2p1-28.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_id": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.7.2p1-28.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.src"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-1776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916365"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1776"
},
{
"category": "external",
"summary": "RHBZ#916365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1776"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/tty_tickets.html",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-09-30T20:30:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at \nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1353"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client:sudo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-0:1.7.2p1-28.el5.src",
"5Client:sudo-0:1.7.2p1-28.el5.x86_64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Client:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-0:1.7.2p1-28.el5.src",
"5Server:sudo-0:1.7.2p1-28.el5.x86_64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.i386",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ia64",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.ppc",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.s390x",
"5Server:sudo-debuginfo-0:1.7.2p1-28.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
rhsa-2013_1701
Vulnerability from csaf_redhat
Published
2013-11-20 16:47
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security, bug fix and enhancement update
Notes
Topic
An updated sudo package that fixes two security issues, several bugs, and
adds two enhancements is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file.
An attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-2776, CVE-2013-2777)
This update also fixes the following bugs:
* Previously, sudo did not support netgroup filtering for sources from the
System Security Services Daemon (SSSD). Consequently, SSSD rules were
applied to all users even when they did not belong to the specified
netgroup. With this update, netgroup filtering for SSSD sources has been
implemented. As a result, rules with a netgroup specification are applied
only to users that are part of the netgroup. (BZ#880150)
* When the sudo utility set up the environment in which it ran a command,
it reset the value of the RLIMIT_NPROC resource limit to the parent's value
of this limit if both the soft (current) and hard (maximum) values of
RLIMIT_NPROC were not limited. An upstream patch has been provided to
address this bug and RLIMIT_NPROC can now be set to "unlimited".
(BZ#947276)
* Due to the refactoring of the sudo code by upstream, the SUDO_USER
variable that stores the name of the user running the sudo command was not
logged to the /var/log/secure file as before. Consequently, user name
"root" was always recorded instead of the real user name. With this update,
the previous behavior of sudo has been restored. As a result, the expected
user name is now written to /var/log/secure. (BZ#973228)
* Due to an error in a loop condition in sudo's rule listing code, a buffer
overflow could have occurred in certain cases. This condition has been
fixed and the buffer overflow no longer occurs. (BZ#994626)
In addition, this update adds the following enhancements:
* With this update, sudo has been modified to send debug messages about
netgroup matching to the debug log. These messages should provide better
understanding of how sudo matches netgroup database records with values
from the running system and what the values are exactly. (BZ#848111)
* With this update, sudo has been modified to accept the ipa_hostname value
from the /etc/sssd/sssd.conf configuration file when matching netgroups.
(BZ#853542)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues and add
these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes two security issues, several bugs, and\nadds two enhancements is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file.\nAn attacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-2776, CVE-2013-2777)\n\nThis update also fixes the following bugs:\n\n* Previously, sudo did not support netgroup filtering for sources from the\nSystem Security Services Daemon (SSSD). Consequently, SSSD rules were\napplied to all users even when they did not belong to the specified\nnetgroup. With this update, netgroup filtering for SSSD sources has been\nimplemented. As a result, rules with a netgroup specification are applied\nonly to users that are part of the netgroup. (BZ#880150)\n\n* When the sudo utility set up the environment in which it ran a command,\nit reset the value of the RLIMIT_NPROC resource limit to the parent\u0027s value\nof this limit if both the soft (current) and hard (maximum) values of\nRLIMIT_NPROC were not limited. An upstream patch has been provided to\naddress this bug and RLIMIT_NPROC can now be set to \"unlimited\".\n(BZ#947276)\n\n* Due to the refactoring of the sudo code by upstream, the SUDO_USER\nvariable that stores the name of the user running the sudo command was not\nlogged to the /var/log/secure file as before. Consequently, user name\n\"root\" was always recorded instead of the real user name. With this update,\nthe previous behavior of sudo has been restored. As a result, the expected\nuser name is now written to /var/log/secure. (BZ#973228)\n\n* Due to an error in a loop condition in sudo\u0027s rule listing code, a buffer\noverflow could have occurred in certain cases. This condition has been\nfixed and the buffer overflow no longer occurs. (BZ#994626)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, sudo has been modified to send debug messages about\nnetgroup matching to the debug log. These messages should provide better\nunderstanding of how sudo matches netgroup database records with values\nfrom the running system and what the values are exactly. (BZ#848111)\n\n* With this update, sudo has been modified to accept the ipa_hostname value\nfrom the /etc/sssd/sssd.conf configuration file when matching netgroups.\n(BZ#853542)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues and add\nthese enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1701",
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "856901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856901"
},
{
"category": "external",
"summary": "886648",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=886648"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "994563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994563"
},
{
"category": "external",
"summary": "994626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994626"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1701.json"
}
],
"title": "Red Hat Security Advisory: sudo security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T07:02:59+00:00",
"generator": {
"date": "2024-11-22T07:02:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1701",
"initial_release_date": "2013-11-20T16:47:00+00:00",
"revision_history": [
{
"date": "2013-11-20T16:47:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-11-20T16:52:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.src",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.src",
"product_id": "sudo-0:1.8.6p3-12.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2777",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949753"
}
],
"notes": [
{
"category": "description",
"text": "sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2777"
},
{
"category": "external",
"summary": "RHBZ#949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2777",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
rhsa-2013:1701
Vulnerability from csaf_redhat
Published
2013-11-20 16:47
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security, bug fix and enhancement update
Notes
Topic
An updated sudo package that fixes two security issues, several bugs, and
adds two enhancements is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file.
An attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-2776, CVE-2013-2777)
This update also fixes the following bugs:
* Previously, sudo did not support netgroup filtering for sources from the
System Security Services Daemon (SSSD). Consequently, SSSD rules were
applied to all users even when they did not belong to the specified
netgroup. With this update, netgroup filtering for SSSD sources has been
implemented. As a result, rules with a netgroup specification are applied
only to users that are part of the netgroup. (BZ#880150)
* When the sudo utility set up the environment in which it ran a command,
it reset the value of the RLIMIT_NPROC resource limit to the parent's value
of this limit if both the soft (current) and hard (maximum) values of
RLIMIT_NPROC were not limited. An upstream patch has been provided to
address this bug and RLIMIT_NPROC can now be set to "unlimited".
(BZ#947276)
* Due to the refactoring of the sudo code by upstream, the SUDO_USER
variable that stores the name of the user running the sudo command was not
logged to the /var/log/secure file as before. Consequently, user name
"root" was always recorded instead of the real user name. With this update,
the previous behavior of sudo has been restored. As a result, the expected
user name is now written to /var/log/secure. (BZ#973228)
* Due to an error in a loop condition in sudo's rule listing code, a buffer
overflow could have occurred in certain cases. This condition has been
fixed and the buffer overflow no longer occurs. (BZ#994626)
In addition, this update adds the following enhancements:
* With this update, sudo has been modified to send debug messages about
netgroup matching to the debug log. These messages should provide better
understanding of how sudo matches netgroup database records with values
from the running system and what the values are exactly. (BZ#848111)
* With this update, sudo has been modified to accept the ipa_hostname value
from the /etc/sssd/sssd.conf configuration file when matching netgroups.
(BZ#853542)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues and add
these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes two security issues, several bugs, and\nadds two enhancements is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file.\nAn attacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-2776, CVE-2013-2777)\n\nThis update also fixes the following bugs:\n\n* Previously, sudo did not support netgroup filtering for sources from the\nSystem Security Services Daemon (SSSD). Consequently, SSSD rules were\napplied to all users even when they did not belong to the specified\nnetgroup. With this update, netgroup filtering for SSSD sources has been\nimplemented. As a result, rules with a netgroup specification are applied\nonly to users that are part of the netgroup. (BZ#880150)\n\n* When the sudo utility set up the environment in which it ran a command,\nit reset the value of the RLIMIT_NPROC resource limit to the parent\u0027s value\nof this limit if both the soft (current) and hard (maximum) values of\nRLIMIT_NPROC were not limited. An upstream patch has been provided to\naddress this bug and RLIMIT_NPROC can now be set to \"unlimited\".\n(BZ#947276)\n\n* Due to the refactoring of the sudo code by upstream, the SUDO_USER\nvariable that stores the name of the user running the sudo command was not\nlogged to the /var/log/secure file as before. Consequently, user name\n\"root\" was always recorded instead of the real user name. With this update,\nthe previous behavior of sudo has been restored. As a result, the expected\nuser name is now written to /var/log/secure. (BZ#973228)\n\n* Due to an error in a loop condition in sudo\u0027s rule listing code, a buffer\noverflow could have occurred in certain cases. This condition has been\nfixed and the buffer overflow no longer occurs. (BZ#994626)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, sudo has been modified to send debug messages about\nnetgroup matching to the debug log. These messages should provide better\nunderstanding of how sudo matches netgroup database records with values\nfrom the running system and what the values are exactly. (BZ#848111)\n\n* With this update, sudo has been modified to accept the ipa_hostname value\nfrom the /etc/sssd/sssd.conf configuration file when matching netgroups.\n(BZ#853542)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues and add\nthese enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1701",
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "856901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856901"
},
{
"category": "external",
"summary": "886648",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=886648"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "994563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994563"
},
{
"category": "external",
"summary": "994626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994626"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1701.json"
}
],
"title": "Red Hat Security Advisory: sudo security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T07:02:59+00:00",
"generator": {
"date": "2024-11-22T07:02:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1701",
"initial_release_date": "2013-11-20T16:47:00+00:00",
"revision_history": [
{
"date": "2013-11-20T16:47:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-11-20T16:52:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.src",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.src",
"product_id": "sudo-0:1.8.6p3-12.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2777",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949753"
}
],
"notes": [
{
"category": "description",
"text": "sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2777"
},
{
"category": "external",
"summary": "RHBZ#949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2777",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
RHSA-2013:1701
Vulnerability from csaf_redhat
Published
2013-11-20 16:47
Modified
2024-11-22 07:02
Summary
Red Hat Security Advisory: sudo security, bug fix and enhancement update
Notes
Topic
An updated sudo package that fixes two security issues, several bugs, and
adds two enhancements is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The sudo (superuser do) utility allows system administrators to give
certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able
to run code as a local user and with the ability to control the system
clock could possibly gain additional privileges by running commands that
the victim user was allowed to run via sudo, without knowing the victim's
password. (CVE-2013-1775)
It was found that sudo did not properly validate the controlling terminal
device when the tty_tickets option was enabled in the /etc/sudoers file.
An attacker able to run code as a local user could possibly gain additional
privileges by running commands that the victim user was allowed to run via
sudo, without knowing the victim's password. (CVE-2013-2776, CVE-2013-2777)
This update also fixes the following bugs:
* Previously, sudo did not support netgroup filtering for sources from the
System Security Services Daemon (SSSD). Consequently, SSSD rules were
applied to all users even when they did not belong to the specified
netgroup. With this update, netgroup filtering for SSSD sources has been
implemented. As a result, rules with a netgroup specification are applied
only to users that are part of the netgroup. (BZ#880150)
* When the sudo utility set up the environment in which it ran a command,
it reset the value of the RLIMIT_NPROC resource limit to the parent's value
of this limit if both the soft (current) and hard (maximum) values of
RLIMIT_NPROC were not limited. An upstream patch has been provided to
address this bug and RLIMIT_NPROC can now be set to "unlimited".
(BZ#947276)
* Due to the refactoring of the sudo code by upstream, the SUDO_USER
variable that stores the name of the user running the sudo command was not
logged to the /var/log/secure file as before. Consequently, user name
"root" was always recorded instead of the real user name. With this update,
the previous behavior of sudo has been restored. As a result, the expected
user name is now written to /var/log/secure. (BZ#973228)
* Due to an error in a loop condition in sudo's rule listing code, a buffer
overflow could have occurred in certain cases. This condition has been
fixed and the buffer overflow no longer occurs. (BZ#994626)
In addition, this update adds the following enhancements:
* With this update, sudo has been modified to send debug messages about
netgroup matching to the debug log. These messages should provide better
understanding of how sudo matches netgroup database records with values
from the running system and what the values are exactly. (BZ#848111)
* With this update, sudo has been modified to accept the ipa_hostname value
from the /etc/sssd/sssd.conf configuration file when matching netgroups.
(BZ#853542)
All sudo users are advised to upgrade to this updated package, which
contains backported patches to correct these issues and add
these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated sudo package that fixes two security issues, several bugs, and\nadds two enhancements is now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root.\n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. (CVE-2013-1775)\n\nIt was found that sudo did not properly validate the controlling terminal\ndevice when the tty_tickets option was enabled in the /etc/sudoers file.\nAn attacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-2776, CVE-2013-2777)\n\nThis update also fixes the following bugs:\n\n* Previously, sudo did not support netgroup filtering for sources from the\nSystem Security Services Daemon (SSSD). Consequently, SSSD rules were\napplied to all users even when they did not belong to the specified\nnetgroup. With this update, netgroup filtering for SSSD sources has been\nimplemented. As a result, rules with a netgroup specification are applied\nonly to users that are part of the netgroup. (BZ#880150)\n\n* When the sudo utility set up the environment in which it ran a command,\nit reset the value of the RLIMIT_NPROC resource limit to the parent\u0027s value\nof this limit if both the soft (current) and hard (maximum) values of\nRLIMIT_NPROC were not limited. An upstream patch has been provided to\naddress this bug and RLIMIT_NPROC can now be set to \"unlimited\".\n(BZ#947276)\n\n* Due to the refactoring of the sudo code by upstream, the SUDO_USER\nvariable that stores the name of the user running the sudo command was not\nlogged to the /var/log/secure file as before. Consequently, user name\n\"root\" was always recorded instead of the real user name. With this update,\nthe previous behavior of sudo has been restored. As a result, the expected\nuser name is now written to /var/log/secure. (BZ#973228)\n\n* Due to an error in a loop condition in sudo\u0027s rule listing code, a buffer\noverflow could have occurred in certain cases. This condition has been\nfixed and the buffer overflow no longer occurs. (BZ#994626)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, sudo has been modified to send debug messages about\nnetgroup matching to the debug log. These messages should provide better\nunderstanding of how sudo matches netgroup database records with values\nfrom the running system and what the values are exactly. (BZ#848111)\n\n* With this update, sudo has been modified to accept the ipa_hostname value\nfrom the /etc/sssd/sssd.conf configuration file when matching netgroups.\n(BZ#853542)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues and add\nthese enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1701",
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "856901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=856901"
},
{
"category": "external",
"summary": "886648",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=886648"
},
{
"category": "external",
"summary": "916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "994563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994563"
},
{
"category": "external",
"summary": "994626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=994626"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1701.json"
}
],
"title": "Red Hat Security Advisory: sudo security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T07:02:59+00:00",
"generator": {
"date": "2024-11-22T07:02:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1701",
"initial_release_date": "2013-11-20T16:47:00+00:00",
"revision_history": [
{
"date": "2013-11-20T16:47:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-11-20T16:52:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:02:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_id": "sudo-0:1.8.6p3-12.el6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.s390x",
"product_id": "sudo-0:1.8.6p3-12.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.i686",
"product_id": "sudo-0:1.8.6p3-12.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-debuginfo@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo-devel@1.8.6p3-12.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_id": "sudo-0:1.8.6p3-12.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "sudo-0:1.8.6p3-12.el6.src",
"product": {
"name": "sudo-0:1.8.6p3-12.el6.src",
"product_id": "sudo-0:1.8.6p3-12.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/sudo@1.8.6p3-12.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.src"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.ppc64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.s390x",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sudo-devel-0:1.8.6p3-12.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
},
"product_reference": "sudo-devel-0:1.8.6p3-12.el6.x86_64",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1775",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "916363"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: authentication bypass via reset system clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1775"
},
{
"category": "external",
"summary": "RHBZ#916363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1775"
},
{
"category": "external",
"summary": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html",
"url": "http://www.sudo.ws/sudo/alerts/epoch_ticket.html"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: authentication bypass via reset system clock"
},
{
"cve": "CVE-2013-2776",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949751"
}
],
"notes": [
{
"category": "description",
"text": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2776"
},
{
"category": "external",
"summary": "RHBZ#949751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
},
{
"cve": "CVE-2013-2777",
"discovery_date": "2013-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "949753"
}
],
"notes": [
{
"category": "description",
"text": "sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sudo: bypass of tty_tickets constraints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2777"
},
{
"category": "external",
"summary": "RHBZ#949753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2777",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2777"
}
],
"release_date": "2013-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-11-20T16:47:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1701"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-0:1.8.6p3-12.el6.src",
"6Client-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-0:1.8.6p3-12.el6.src",
"6Client:sudo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Client:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Client:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Client:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.src",
"6ComputeNode:sudo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.i686",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6ComputeNode:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-0:1.8.6p3-12.el6.src",
"6Server-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-0:1.8.6p3-12.el6.src",
"6Server:sudo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Server:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Server:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Server:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.src",
"6Workstation-optional:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation-optional:sudo-devel-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-0:1.8.6p3-12.el6.src",
"6Workstation:sudo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-debuginfo-0:1.8.6p3-12.el6.x86_64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.i686",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.ppc64",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.s390x",
"6Workstation:sudo-devel-0:1.8.6p3-12.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "sudo: bypass of tty_tickets constraints"
}
]
}
fkie_cve-2013-2776
Vulnerability from fkie_nvd
Published
2013-04-08 17:55
Modified
2024-11-21 01:52
Severity ?
Summary
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4F3BEB-BF2B-4E5F-A376-E23E6B532E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EF4CB38-4033-46A1-9155-DC348261CAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
"matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DFC86C-7743-4F27-BC10-170F04C23D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*",
"matchCriteriaId": "55799ECB-CEB1-4839-8053-4C1F071D1526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2170CFD0-2594-45FB-B68F-0A75114F00A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "294FC65B-4225-475A-B49A-758823CEDECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6156B085-AA17-458C-AED1-D658275E43B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*",
"matchCriteriaId": "85AA3DDA-BEC4-422D-8542-3FF5C6F5FA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3604EC-3109-41AF-9068-60C639557BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EE103608-6BCB-4EC0-8EB1-110A80829592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*",
"matchCriteriaId": "2F03EF9C-D90D-425E-AC35-8DD02B7C03F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC8D478-8554-4947-926A-8B1B27DD122D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*",
"matchCriteriaId": "64435258-4639-438E-825F-E6AA82D41745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*",
"matchCriteriaId": "C33BC128-A782-465A-8AF0-860EBC8388EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643ABD1F-83E1-4B71-AA59-8CF8B4018A46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8967DE4C-3D41-4BCE-97B0-469FCFBCE332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D8CB9-3156-4F7F-A616-59EF530540D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C91B0A-44B6-4B33-A0ED-295C56D97546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*",
"matchCriteriaId": "07945224-A955-4A33-B54B-11D128FCA0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*",
"matchCriteriaId": "41F70C45-9522-4F49-A5B9-62E03410F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEAE0BA2-D9AC-40A3-A4DC-1E33DEE7200C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*",
"matchCriteriaId": "4FEF4FBB-E045-43CE-A9F9-3FF7F9FE3400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*",
"matchCriteriaId": "68372F8A-9AFD-45DE-A9B8-4CDF3154E349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*",
"matchCriteriaId": "77DC6C6B-4585-401D-B02E-E70E6157DBC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*",
"matchCriteriaId": "55788B87-B41B-43F4-BA54-5208A4233500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "837DD56D-267D-4AAA-9DB3-4B42FAE6E10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*",
"matchCriteriaId": "444B3D9E-51F6-4CED-9265-576DBDE40897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*",
"matchCriteriaId": "73FB7063-441C-445B-9C2E-BF92C8F3F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4170A7-4824-4108-A8CA-988F0E3F3747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*",
"matchCriteriaId": "93EB0CA9-CE51-4AA3-AF29-4F201EB1A45D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*",
"matchCriteriaId": "54614B98-E779-4FD9-ABF0-3ACA3F49921F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*",
"matchCriteriaId": "A84C0BBA-8C4F-457E-A45E-A4C4DB357B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06A22F86-72E8-42AE-BD52-BFF6498AB999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C585A90-21F0-4BCF-85A4-BF470F581CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B6FF76-F715-489B-8113-F9E00ADAD739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD87C06-62F3-4A7B-B7C1-055C41B9A7C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "28E7BF14-597B-4C3F-A8CE-5359C047F9C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D329BB-490F-4903-93FC-E45AF6EAEE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA124FE0-B4E7-4F2E-B611-25D9897C32B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*",
"matchCriteriaId": "662FC083-721B-416B-A081-0C474D6764E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A426F146-45BD-4666-81C0-00B719206288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBEB4E5-5B8D-4D01-A2A6-8BD6C39B39C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "46C40A7E-2ED8-4D13-A381-A219CC6B1B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7958DC3-1D59-47CB-A4C8-40EB675ED08A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*",
"matchCriteriaId": "119AC9FA-3174-4982-A58F-D5F8FACC7411",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF14E93E-29CA-4A30-966B-5D71A03A6B0A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10p4:*:*:*:*:*:*:*",
"matchCriteriaId": "3E59EA28-3FED-4BBC-AEC6-BE60C3107494",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.7.10p5:*:*:*:*:*:*:*",
"matchCriteriaId": "D576845C-2645-46E5-B6EE-C23FA80A44B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCE5D7D-D269-4A10-B3C0-C5177F30BD29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3F57804C-633D-4A0C-AF73-21C0BFBEA715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2447F3-85CF-40F2-9472-B3775DE034DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B06006-124F-4B11-BEC3-D0E5060FCB56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97FF463B-A0BE-4E14-B644-F42D5D5CAB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2224F7BC-145F-4E06-AAD8-280AD42339CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*",
"matchCriteriaId": "344BF379-17AF-4296-B0A7-947B09C1581B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA5CE6-F191-4FC2-AA36-562EB59E28F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0403E11-4280-49C2-9E38-E0524BC31768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*",
"matchCriteriaId": "03B9393C-63FD-47EF-99F6-AF0186A248F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2050DA-B737-437A-8BFA-76F0D4C41DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*",
"matchCriteriaId": "91329D57-58F5-4159-B156-889D78B9935D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*",
"matchCriteriaId": "4548A6F5-EEB8-48BB-9653-9676FEBA63BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*",
"matchCriteriaId": "19B53B8A-6EF1-42BE-90A0-90EE65FBD0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A71D36B-D2FD-4EDA-9D99-BF9F44DA980D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3D2805-A361-4A13-9E19-889CBE703137",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6p1:*:*:*:*:*:*:*",
"matchCriteriaId": "00C4F9EE-9907-46E8-980F-FEBC5591C1FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6p2:*:*:*:*:*:*:*",
"matchCriteriaId": "12DD19E7-A84F-4667-BFF7-C8D010648330",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6p3:*:*:*:*:*:*:*",
"matchCriteriaId": "67E5AA45-D8C7-467C-BB10-0FE923C99D73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6p4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9BD09D8-2388-444F-926A-78BD74469928",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:todd_miller:sudo:1.8.6p5:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F4C1EC-57BE-49E3-82AE-40B987059C41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions."
},
{
"lang": "es",
"value": "sudo v1.3.5 hasta v1.7.10p5 y v1.8.0 hasta v1.8.6p6, cuando se ejecuta en sistemas sin /proc o la funci\u00f3n sysctl con la opci\u00f3n tty_tickets habilitada, no valida correctamente el control de dispositivo terminal, lo que permite a los usuarios locales con permisos de sudo para secuestrar a la autorizaci\u00f3n de otra terminal a trav\u00e9s de vectores relacionados con una sesi\u00f3n sin un dispositivo terminal de control y la conexi\u00f3n a una entrada est\u00e1ndar, salida, y descriptores de error de archivo de otros terminal. NOTA: esta es una de las tres vulnerabilidades estrechamente relacionadas con las que se asign\u00f3 originalmente a CVE-2013-1776, pero se han dividido debido a las diferentes versiones afectadas."
}
],
"id": "CVE-2013-2776",
"lastModified": "2024-11-21T01:52:20.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-08T17:55:01.127",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/58207"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/62741"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"source": "cve@mitre.org",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/58207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-crcj-xh9h-7wr8
Vulnerability from github
Published
2022-05-17 01:35
Modified
2022-05-17 01:35
Details
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
{
"affected": [],
"aliases": [
"CVE-2013-2776"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-04-08T17:55:00Z",
"severity": "MODERATE"
},
"details": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.",
"id": "GHSA-crcj-xh9h-7wr8",
"modified": "2022-05-17T01:35:57Z",
"published": "2022-05-17T01:35:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2776"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT205031"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/58207"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/62741"
},
{
"type": "WEB",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"type": "WEB",
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"type": "WEB",
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"type": "WEB",
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
var-201304-0405
Vulnerability from variot
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. The vulnerability was closely related 3 Of one vulnerability 1 And against them CVE-2013-1776 of 1 Was numbered, but the affected version is different 3 Divided into two.sudo An authorized local user may be able to hijack authentication on other terminals. Todd Miller 'sudo' is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This issue affects 'sudo' 1.3.5 through 1.7.10p5 and sudo 1.8.0 through 1.8.6p6. Note: An attacker requires the 'tty_tickets' option to enable in versions prior to sudo 1.7.4.. Sudo is a set of programs developed by software developer Todd C. Miller for Unix-like operating systems and allows users to execute commands with special privileges in a secure manner. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-23
http://security.gentoo.org/
Severity: High Title: sudo: Privilege escalation Date: January 21, 2014 Bugs: #459722 ID: 201401-23
Synopsis
Multiple vulnerabilities have been found in sudo which could result in privilege escalation. Access to commands may also be granted on a range to hosts. * sudo does not properly handle the clock when it is set to the epoch. Additionally, a local or physically proximate attacker could set the system clock to the epoch, bypassing time restrictions on sudo authentication.
Workaround
There is no known workaround at this time.
Resolution
All sudo users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.6_p7"
References
[ 1 ] CVE-2013-1775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1775 [ 2 ] CVE-2013-1776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1776 [ 3 ] CVE-2013-2776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2776 [ 4 ] CVE-2013-2777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2777
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-23.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following:
apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185
apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution. Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27. CVE-ID CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148
Apple ID OD Plug-in Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able change the password of a local user Description: In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management. CVE-ID CVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative
AppleGraphicsControl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5768 : JieTao Yang of KeenTeam
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3779 : Teddy Reed of Facebook Security
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management. CVE-ID CVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious app may be able to access notifications from other iCloud devices Description: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service. CVE-ID CVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security Lab (Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packets Description: An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation. CVE-ID CVE-2015-3787 : Trend Micro
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-3777 : mitp0sh of [PDX]
bootp Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may have broadcast MAC addresses of previously accessed networks via the DNAv4 protocol. This issue was addressed through disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)
CloudKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access the iCloud user record of a previously signed in user Description: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling. CVE-ID CVE-2015-3782 : Deepkanwal Plaha of University of Toronto
CoreMedia Playback Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in CoreMedia Playback. These were addressed through improved memory handling. CVE-ID CVE-2015-5777 : Apple CVE-2015-5778 : Apple
CoreText Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team
curl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy. Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0. CVE-ID CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-8150 CVE-2014-8151 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153
Data Detectors Engine Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)
Date & Time pref pane Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Applications that rely on system time may have unexpected behavior Description: An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks. CVE-ID CVE-2015-3757 : Mark S C Smith
Dictionary Application Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with a privileged network position may be able to intercept users' Dictionary app queries Description: An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS. CVE-ID CVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team
DiskImages Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team
dyld Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3760 : beist of grayhash, Stefan Esser
FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-3804 : Apple CVE-2015-5775 : Apple
FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team
groff Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple issues in pdfroff Description: Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff. CVE-ID CVE-2009-5044 CVE-2009-5078
ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of TIFF images. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5758 : Apple
ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Visiting a maliciously crafted website may result in the disclosure of process memory Description: An uninitialized memory access issue existed in ImageIO's handling of PNG and TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of PNG and TIFF images. CVE-ID CVE-2015-5781 : Michal Zalewski CVE-2015-5782 : Michal Zalewski
Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management. CVE-ID CVE-2015-5784 : Ian Beer of Google Project Zero
Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking. CVE-ID CVE-2015-5754 : Ian Beer of Google Project Zero
IOFireWireFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation. CVE-ID CVE-2015-3769 : Ilja van Sprundel CVE-2015-3771 : Ilja van Sprundel CVE-2015-3772 : Ilja van Sprundel
IOGraphics Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation. CVE-ID CVE-2015-3770 : Ilja van Sprundel CVE-2015-5783 : Ilja van Sprundel
IOHIDFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5774 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface. CVE-ID CVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team, @PanguTeam
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2015-3768 : Ilja van Sprundel
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling. CVE-ID CVE-2015-5747 : Maxime VILLARD of m00nbsd
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A validation issue existed in the mounting of HFS volumes. This was addressed by adding additional checks. CVE-ID CVE-2015-5748 : Maxime VILLARD of m00nbsd
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute unsigned code Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation. CVE-ID CVE-2015-3806 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A specially crafted executable file could allow unsigned, malicious code to execute Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files. CVE-ID CVE-2015-3803 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute unsigned code Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks. CVE-ID CVE-2015-3802 : TaiG Jailbreak Team CVE-2015-3805 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3761 : Apple
Libc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in the TRE library. These were addressed through improved memory handling. CVE-ID CVE-2015-3796 : Ian Beer of Google Project Zero CVE-2015-3797 : Ian Beer of Google Project Zero CVE-2015-3798 : Ian Beer of Google Project Zero
Libinfo Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in handling AF_INET6 sockets. These were addressed by improved memory handling. CVE-ID CVE-2015-5776 : Apple
libpthread Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking. CVE-ID CVE-2015-5757 : Lufeng Li of Qihoo 360
libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2. CVE-ID CVE-2012-6685 : Felix Groebert of Google CVE-2014-0191 : Felix Groebert of Google
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory access issue existed in libxml2. This was addressed by improved memory handling CVE-ID CVE-2014-3660 : Felix Groebert of Google
libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Apple
libxpc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking. CVE-ID CVE-2015-3795 : Mathew Rowley
mail_cmds Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary shell commands Description: A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization. CVE-ID CVE-2014-7844
Notification Center OSX Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access all notifications previously displayed to users Description: An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users. CVE-ID CVE-2015-3764 : Jonathan Zdziarski
ntfs Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze Networks
OpenSSH Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacks Description: An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation. CVE-ID CVE-2015-5600
OpenSSL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792
perl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code execution Description: An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling. CVE-ID CVE-2013-7422
PostgreSQL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: An attacker may be able to cause unexpected application termination or gain access to data without proper authentication Description: Multiple issues existed in PostgreSQL 9.2.4. These issues were addressed by updating PostgreSQL to 9.2.13. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244
python Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10. CVE-ID CVE-2013-7040 CVE-2013-7338 CVE-2014-1912 CVE-2014-7185 CVE-2014-9365
QL Office Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted Office document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of Office documents. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5773 : Apple
QL Office Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML file may lead to disclosure of user information Description: An external entity reference issue existed in XML file parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.
Quartz Composer Framework Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5771 : Apple
Quick Look Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Searching for a previously viewed website may launch the web browser and render that website Description: An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript. CVE-ID CVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole
QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3772 CVE-2015-3779 CVE-2015-5753 : Apple CVE-2015-5779 : Apple
QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3765 : Joe Burnett of Audio Poison CVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-5751 : WalkerFuz
SceneKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code execution Description: A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5772 : Apple
SceneKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3783 : Haris Andrianakis of Google Security Team
Security Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A standard user may be able to gain access to admin privileges without proper authentication Description: An issue existed in handling of user authentication. This issue was addressed through improved authentication checks. CVE-ID CVE-2015-3775 : [Eldon Ahrold]
SMBClient Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3773 : Ilja van Sprundel
Speech UI Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling. CVE-ID CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2014-0106 CVE-2014-9680
tcpdump Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3. CVE-ID CVE-2014-8767 CVE-2014-8769 CVE-2014-9140
Text Formats Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted text file may lead to disclosure of user information Description: An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team
udf Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3767 : beist of grayhash
OS X Yosemite v10.10.5 includes the security content of Safari 8.0.8: https://support.apple.com/en-us/HT205033
OS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4 Y2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6 +PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR 2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev QpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k fu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR A8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz xjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7 AeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF sfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW c5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB msu6gVP8uZhFYNb8byVJ =+0e/ -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Low: sudo security, bug fix and enhancement update Advisory ID: RHSA-2013:1701-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1701.html Issue date: 2013-11-21 CVE Names: CVE-2013-1775 CVE-2013-2776 CVE-2013-2777 =====================================================================
- Summary:
An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root.
A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-2776, CVE-2013-2777)
This update also fixes the following bugs:
-
Previously, sudo did not support netgroup filtering for sources from the System Security Services Daemon (SSSD). Consequently, SSSD rules were applied to all users even when they did not belong to the specified netgroup. With this update, netgroup filtering for SSSD sources has been implemented. As a result, rules with a netgroup specification are applied only to users that are part of the netgroup. (BZ#880150)
-
When the sudo utility set up the environment in which it ran a command, it reset the value of the RLIMIT_NPROC resource limit to the parent's value of this limit if both the soft (current) and hard (maximum) values of RLIMIT_NPROC were not limited. An upstream patch has been provided to address this bug and RLIMIT_NPROC can now be set to "unlimited". (BZ#947276)
-
Due to the refactoring of the sudo code by upstream, the SUDO_USER variable that stores the name of the user running the sudo command was not logged to the /var/log/secure file as before. Consequently, user name "root" was always recorded instead of the real user name. With this update, the previous behavior of sudo has been restored. As a result, the expected user name is now written to /var/log/secure. (BZ#973228)
-
Due to an error in a loop condition in sudo's rule listing code, a buffer overflow could have occurred in certain cases. This condition has been fixed and the buffer overflow no longer occurs. (BZ#994626)
In addition, this update adds the following enhancements:
-
With this update, sudo has been modified to send debug messages about netgroup matching to the debug log. These messages should provide better understanding of how sudo matches netgroup database records with values from the running system and what the values are exactly. (BZ#848111)
-
With this update, sudo has been modified to accept the ipa_hostname value from the /etc/sssd/sssd.conf configuration file when matching netgroups. (BZ#853542)
All sudo users are advised to upgrade to this updated package, which contains backported patches to correct these issues and add these enhancements.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
856901 - Defauts:! syntax in sudoers doesn't seem to work as expected 880150 - sssd +netgroup sudoUser is always matched 886648 - Access granted with invalid sudoRunAsUser/sudoRunAsGroup 916363 - CVE-2013-1775 sudo: authentication bypass via reset system clock 949751 - CVE-2013-2776 sudo: bypass of tty_tickets constraints 949753 - CVE-2013-2777 sudo: bypass of tty_tickets constraints 994563 - Warning in visudo: cycle in Host_Alias even without cycle 994626 - sudo -u sudo -l show error: *** glibc detected *** sudo: realloc(): invalid next size: 0x00007f4ae2d10ec0 ***
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.i686.rpm
x86_64: sudo-1.8.6p3-12.el6.x86_64.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm
x86_64: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
x86_64: sudo-1.8.6p3-12.el6.x86_64.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
x86_64: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.i686.rpm
ppc64: sudo-1.8.6p3-12.el6.ppc64.rpm sudo-debuginfo-1.8.6p3-12.el6.ppc64.rpm
s390x: sudo-1.8.6p3-12.el6.s390x.rpm sudo-debuginfo-1.8.6p3-12.el6.s390x.rpm
x86_64: sudo-1.8.6p3-12.el6.x86_64.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm
ppc64: sudo-debuginfo-1.8.6p3-12.el6.ppc.rpm sudo-debuginfo-1.8.6p3-12.el6.ppc64.rpm sudo-devel-1.8.6p3-12.el6.ppc.rpm sudo-devel-1.8.6p3-12.el6.ppc64.rpm
s390x: sudo-debuginfo-1.8.6p3-12.el6.s390.rpm sudo-debuginfo-1.8.6p3-12.el6.s390x.rpm sudo-devel-1.8.6p3-12.el6.s390.rpm sudo-devel-1.8.6p3-12.el6.s390x.rpm
x86_64: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.i686.rpm
x86_64: sudo-1.8.6p3-12.el6.x86_64.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm
i386: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm
x86_64: sudo-debuginfo-1.8.6p3-12.el6.i686.rpm sudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm sudo-devel-1.8.6p3-12.el6.i686.rpm sudo-devel-1.8.6p3-12.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-1775.html https://www.redhat.com/security/data/cve/CVE-2013-2776.html https://www.redhat.com/security/data/cve/CVE-2013-2777.html https://access.redhat.com/security/updates/classification/#low
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSjZCHXlSAg2UNWIIRAt3IAJ9vk5ycVQ6pYkHYc7uM6YLFvhsSrgCfVHi+ H0zICoykOf4KltShaykk1Wo= =z/lR -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2013-1776, CVE-2013-2776)
This update also fixes the following bugs:
-
Due to a bug in the cycle detection algorithm of the visudo utility, visudo incorrectly evaluated certain alias definitions in the /etc/sudoers file as cycles. Consequently, a warning message about undefined aliases appeared. This bug has been fixed, /etc/sudoers is now parsed correctly by visudo and the warning message no longer appears. (BZ#849679)
-
Previously, the 'sudo -l' command did not parse the /etc/sudoers file correctly if it contained an Active Directory (AD) group. The file was parsed only up to the first AD group information and then the parsing failed with the following message:
sudo: unable to cache group ADDOM\admingroup, already exists
With this update, the underlying code has been modified and 'sudo -l' now parses /etc/sudoers containing AD groups correctly. (BZ#855836)
-
Previously, the sudo utility did not escape the backslash characters contained in user names properly. Consequently, if a system used sudo integrated with LDAP or Active Directory (AD) as the primary authentication mechanism, users were not able to authenticate on that system. With this update, sudo has been modified to process LDAP and AD names correctly and the authentication process now works as expected. (BZ#869287)
-
Prior to this update, the 'visudo -s (strict)' command incorrectly parsed certain alias definitions. Consequently, an error message was issued. The bug has been fixed, and parsing errors no longer occur when using 'visudo
- -s'
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0405",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.8.4p3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.7.10"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.8.4p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.7.9p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.7.9"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.6,
"vendor": "todd miller",
"version": "1.8.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.8p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.8p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.3p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.8"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.2p3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.9p22"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.3p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.9"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.8"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.3b1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.9p21"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.9p23"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.9p20"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3_p7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.3.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.7p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.0"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.1p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.6p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p5"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.10.4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.1p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.4p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.2p3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.4p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.6p2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.6"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.2"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.4p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.7.0"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.4p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.3"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.8.4p4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.7"
},
{
"model": "sudo",
"scope": "eq",
"trust": 1.0,
"vendor": "todd miller",
"version": "1.6.8p12"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.8,
"vendor": "todd c miller",
"version": "1.3.5 to 1.7.10p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.8,
"vendor": "todd c miller",
"version": "1.8.0 to 1.8.6p6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.10 to 10.10.4"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.8.3"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.8.2"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.8.1"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.8"
},
{
"model": "miller sudo p7",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo p6",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo p5",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo p4",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo p3",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7.2"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.7"
},
{
"model": "miller sudo p19",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p18",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p17",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p9",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p8",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p7",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p5",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p4",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p12",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.8"
},
{
"model": "miller sudo p5",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.7"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.7"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.6"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.5"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.4"
},
{
"model": "miller sudo p7",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p6",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p5",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p4",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p3",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p2",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo p1",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.3"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.2"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.1"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.5.9"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.5.8"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.5.7"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.5.6"
},
{
"model": "miller sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.3.5"
},
{
"model": "miller sudo 1.8.6p6",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.8.5p3",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.8.4p5",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.8.3p2",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.8.3p1",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.7.9p1",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.7.4p4",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.7.4p3",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.7.10p5",
"scope": null,
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo p23",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p22",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p21",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "miller sudo p20",
"scope": "eq",
"trust": 0.6,
"vendor": "todd",
"version": "1.6.9"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.6,
"vendor": "redhat",
"version": "5"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "x863.4"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "x863.3"
},
{
"model": "vm server for",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "x863.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.6,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": null,
"trust": 0.6,
"vendor": "gentoo",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.6,
"vendor": "avaya",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "miller sudo 1.8.6p7",
"scope": "ne",
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "miller sudo 1.7.10p6",
"scope": "ne",
"trust": 0.6,
"vendor": "todd",
"version": null
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.6,
"vendor": "apple",
"version": "x10.10.5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd miller",
"version": "1.8.6p1"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd miller",
"version": "1.7.10p4"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd miller",
"version": "1.7.10p5"
},
{
"model": "sudo",
"scope": "eq",
"trust": 0.6,
"vendor": "todd miller",
"version": "1.8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "voice portal sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "enterprise linux server optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager utility services sp",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.16.1.0.9.8"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "enterprise linux workstation optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "aura application server sip core pb28",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.7.5.0"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.3"
},
{
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
}
],
"sources": [
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:todd_miller:sudo",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "62741"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2776",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2013-2776",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-62778",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2776",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-2776",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-100",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62778",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-2776",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. The vulnerability was closely related 3 Of one vulnerability 1 And against them CVE-2013-1776 of 1 Was numbered, but the affected version is different 3 Divided into two.sudo An authorized local user may be able to hijack authentication on other terminals. Todd Miller \u0027sudo\u0027 is prone to a local security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nThis issue affects \u0027sudo\u0027 1.3.5 through 1.7.10p5 and sudo 1.8.0 through 1.8.6p6. \nNote: An attacker requires the \u0027tty_tickets\u0027 option to enable in versions prior to sudo 1.7.4.. Sudo is a set of programs developed by software developer Todd C. Miller for Unix-like operating systems and allows users to execute commands with special privileges in a secure manner. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-23\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: sudo: Privilege escalation\n Date: January 21, 2014\n Bugs: #459722\n ID: 201401-23\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in sudo which could result in\nprivilege escalation. Access to commands may also be granted on a\nrange to hosts. \n* sudo does not properly handle the clock when it is set to the epoch. Additionally, a local or physically proximate attacker could set\nthe system clock to the epoch, bypassing time restrictions on sudo\nauthentication. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll sudo users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-admin/sudo-1.8.6_p7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2013-1775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1775\n[ 2 ] CVE-2013-1776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1776\n[ 3 ] CVE-2013-2776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2776\n[ 4 ] CVE-2013-2777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2777\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-23.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update\n2015-006\n\nOS X Yosemite v10.10.5 and Security Update 2015-006 is now available\nand addresses the following:\n\napache\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in Apache 2.4.16, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription: Multiple vulnerabilities existed in Apache versions\nprior to 2.4.16. These were addressed by updating Apache to version\n2.4.16. \nCVE-ID\nCVE-2014-3581\nCVE-2014-3583\nCVE-2014-8109\nCVE-2015-0228\nCVE-2015-0253\nCVE-2015-3183\nCVE-2015-3185\n\napache_mod_php\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in PHP 5.5.20, the most\nserious of which may lead to arbitrary code execution. \nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.20. These were addressed by updating Apache to version 5.5.27. \nCVE-ID\nCVE-2015-2783\nCVE-2015-2787\nCVE-2015-3307\nCVE-2015-3329\nCVE-2015-3330\nCVE-2015-4021\nCVE-2015-4022\nCVE-2015-4024\nCVE-2015-4025\nCVE-2015-4026\nCVE-2015-4147\nCVE-2015-4148\n\nApple ID OD Plug-in\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able change the password of a\nlocal user\nDescription: In some circumstances, a state management issue existed\nin password authentication. The issue was addressed through improved\nstate management. \nCVE-ID\nCVE-2015-3799 : an anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nAppleGraphicsControl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in AppleGraphicsControl which could\nhave led to the disclosure of kernel memory layout. This issue was\naddressed through improved bounds checking. \nCVE-ID\nCVE-2015-5768 : JieTao Yang of KeenTeam\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in\nIOBluetoothHCIController. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3779 : Teddy Reed of Facebook Security\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A memory management issue could have led to the\ndisclosure of kernel memory layout. This issue was addressed with\nimproved memory management. \nCVE-ID\nCVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious app may be able to access notifications from\nother iCloud devices\nDescription: An issue existed where a malicious app could access a\nBluetooth-paired Mac or iOS device\u0027s Notification Center\nnotifications via the Apple Notification Center Service. The issue\naffected devices using Handoff and logged into the same iCloud\naccount. This issue was resolved by revoking access to the Apple\nNotification Center Service. \nCVE-ID\nCVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security\nLab (Indiana University), Tongxin Li (Peking University), XiaoFeng\nWang (Indiana University)\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: An attacker with privileged network position may be able to\nperform denial of service attack using malformed Bluetooth packets\nDescription: An input validation issue existed in parsing of\nBluetooth ACL packets. This issue was addressed through improved\ninput validation. \nCVE-ID\nCVE-2015-3787 : Trend Micro\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple buffer overflow issues existed in blued\u0027s\nhandling of XPC messages. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-3777 : mitp0sh of [PDX]\n\nbootp\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious Wi-Fi network may be able to determine networks\na device has previously accessed\nDescription: Upon connecting to a Wi-Fi network, iOS may have\nbroadcast MAC addresses of previously accessed networks via the DNAv4\nprotocol. This issue was addressed through disabling DNAv4 on\nunencrypted Wi-Fi networks. \nCVE-ID\nCVE-2015-3778 : Piers O\u0027Hanlon of Oxford Internet Institute,\nUniversity of Oxford (on the EPSRC Being There project)\n\nCloudKit\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to access the iCloud\nuser record of a previously signed in user\nDescription: A state inconsistency existed in CloudKit when signing\nout users. This issue was addressed through improved state handling. \nCVE-ID\nCVE-2015-3782 : Deepkanwal Plaha of University of Toronto\n\nCoreMedia Playback\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in CoreMedia Playback. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5777 : Apple\nCVE-2015-5778 : Apple\n\nCoreText\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\n\ncurl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities in cURL and libcurl prior to\n7.38.0, one of which may allow remote attackers to bypass the Same\nOrigin Policy. \nDescription: Multiple vulnerabilities existed in cURL and libcurl\nprior to 7.38.0. These issues were addressed by updating cURL to\nversion 7.43.0. \nCVE-ID\nCVE-2014-3613\nCVE-2014-3620\nCVE-2014-3707\nCVE-2014-8150\nCVE-2014-8151\nCVE-2015-3143\nCVE-2015-3144\nCVE-2015-3145\nCVE-2015-3148\nCVE-2015-3153\n\nData Detectors Engine\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a sequence of unicode characters can lead to an\nunexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in processing of\nUnicode characters. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)\n\nDate \u0026 Time pref pane\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Applications that rely on system time may have unexpected\nbehavior\nDescription: An authorization issue existed when modifying the\nsystem date and time preferences. This issue was addressed with\nadditional authorization checks. \nCVE-ID\nCVE-2015-3757 : Mark S C Smith\n\nDictionary Application\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: An attacker with a privileged network position may be able\nto intercept users\u0027 Dictionary app queries\nDescription: An issue existed in the Dictionary app, which did not\nproperly secure user communications. This issue was addressed by\nmoving Dictionary queries to HTTPS. \nCVE-ID\nCVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security\nTeam\n\nDiskImages\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team\n\ndyld\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A path validation issue existed in dyld. This was\naddressed through improved environment sanitization. \nCVE-ID\nCVE-2015-3760 : beist of grayhash, Stefan Esser\n\nFontParser\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-3804 : Apple\nCVE-2015-5775 : Apple\n\nFontParser\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team\n\ngroff\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple issues in pdfroff\nDescription: Multiple issues existed in pdfroff, the most serious of\nwhich may allow arbitrary filesystem modification. These issues were\naddressed by removing pdfroff. \nCVE-ID\nCVE-2009-5044\nCVE-2009-5078\n\nImageIO\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nTIFF images. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5758 : Apple\n\nImageIO\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Visiting a maliciously crafted website may result in the\ndisclosure of process memory\nDescription: An uninitialized memory access issue existed in\nImageIO\u0027s handling of PNG and TIFF images. Visiting a malicious\nwebsite may result in sending data from process memory to the\nwebsite. This issue is addressed through improved memory\ninitialization and additional validation of PNG and TIFF images. \nCVE-ID\nCVE-2015-5781 : Michal Zalewski\nCVE-2015-5782 : Michal Zalewski\n\nInstall Framework Legacy\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with root privileges\nDescription: An issue existed in how Install.framework\u0027s \u0027runner\u0027\nbinary dropped privileges. This issue was addressed through improved\nprivilege management. \nCVE-ID\nCVE-2015-5784 : Ian Beer of Google Project Zero\n\nInstall Framework Legacy\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A race condition existed in\nInstall.framework\u0027s \u0027runner\u0027 binary that resulted in\nprivileges being incorrectly dropped. This issue was addressed\nthrough improved object locking. \nCVE-ID\nCVE-2015-5754 : Ian Beer of Google Project Zero\n\nIOFireWireFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: Memory corruption issues existed in IOFireWireFamily. \nThese issues were addressed through additional type input validation. \nCVE-ID\nCVE-2015-3769 : Ilja van Sprundel\nCVE-2015-3771 : Ilja van Sprundel\nCVE-2015-3772 : Ilja van Sprundel\n\nIOGraphics\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in IOGraphics. This\nissue was addressed through additional type input validation. \nCVE-ID\nCVE-2015-3770 : Ilja van Sprundel\nCVE-2015-5783 : Ilja van Sprundel\n\nIOHIDFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A buffer overflow issue existed in IOHIDFamily. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5774 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in the mach_port_space_info interface,\nwhich could have led to the disclosure of kernel memory layout. This\nwas addressed by disabling the mach_port_space_info interface. \nCVE-ID\nCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team,\n@PanguTeam\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An integer overflow existed in the handling of IOKit\nfunctions. This issue was addressed through improved validation of\nIOKit API arguments. \nCVE-ID\nCVE-2015-3768 : Ilja van Sprundel\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to cause a system denial of service\nDescription: A resource exhaustion issue existed in the fasttrap\ndriver. This was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5747 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to cause a system denial of service\nDescription: A validation issue existed in the mounting of HFS\nvolumes. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-5748 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute unsigned code\nDescription: An issue existed that allowed unsigned code to be\nappended to signed code in a specially crafted executable file. This\nissue was addressed through improved code signature validation. \nCVE-ID\nCVE-2015-3806 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A specially crafted executable file could allow unsigned,\nmalicious code to execute\nDescription: An issue existed in the way multi-architecture\nexecutable files were evaluated that could have allowed unsigned code\nto be executed. This issue was addressed through improved validation\nof executable files. \nCVE-ID\nCVE-2015-3803 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute unsigned code\nDescription: A validation issue existed in the handling of Mach-O\nfiles. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-3802 : TaiG Jailbreak Team\nCVE-2015-3805 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted plist may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption existed in processing of malformed\nplists. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein\n(@jollyjinx) of Jinx Germany\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A path validation issue existed. This was addressed\nthrough improved environment sanitization. \nCVE-ID\nCVE-2015-3761 : Apple\n\nLibc\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted regular expression may lead\nto an unexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in the TRE library. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3796 : Ian Beer of Google Project Zero\nCVE-2015-3797 : Ian Beer of Google Project Zero\nCVE-2015-3798 : Ian Beer of Google Project Zero\n\nLibinfo\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: Memory corruption issues existed in handling AF_INET6\nsockets. These were addressed by improved memory handling. \nCVE-ID\nCVE-2015-5776 : Apple\n\nlibpthread\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in handling syscalls. \nThis issue was addressed through improved lock state checking. \nCVE-ID\nCVE-2015-5757 : Lufeng Li of Qihoo 360\n\nlibxml2\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in libxml2 versions prior\nto 2.9.2, the most serious of which may allow a remote attacker to\ncause a denial of service\nDescription: Multiple vulnerabilities existed in libxml2 versions\nprior to 2.9.2. These were addressed by updating libxml2 to version\n2.9.2. \nCVE-ID\nCVE-2012-6685 : Felix Groebert of Google\nCVE-2014-0191 : Felix Groebert of Google\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: A memory access issue existed in libxml2. This was\naddressed by improved memory handling\nCVE-ID\nCVE-2014-3660 : Felix Groebert of Google\n\nlibxml2\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: A memory corruption issue existed in parsing of XML\nfiles. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3807 : Apple\n\nlibxpc\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in handling of\nmalformed XPC messages. This issue was improved through improved\nbounds checking. \nCVE-ID\nCVE-2015-3795 : Mathew Rowley\n\nmail_cmds\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary shell commands\nDescription: A validation issue existed in the mailx parsing of\nemail addresses. This was addressed by improved sanitization. \nCVE-ID\nCVE-2014-7844\n\nNotification Center OSX\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to access all\nnotifications previously displayed to users\nDescription: An issue existed in Notification Center, which did not\nproperly delete user notifications. This issue was addressed by\ncorrectly deleting notifications dismissed by users. \nCVE-ID\nCVE-2015-3764 : Jonathan Zdziarski\n\nntfs\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in NTFS. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nOpenSSH\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Remote attackers may be able to circumvent a time delay for\nfailed login attempts and conduct brute-force attacks\nDescription: An issue existed when processing keyboard-interactive\ndevices. This issue was addressed through improved authentication\nrequest validation. \nCVE-ID\nCVE-2015-5600\n\nOpenSSL\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in OpenSSL versions prior\nto 0.9.8zg, the most serious of which may allow a remote attacker to\ncause a denial of service. \nDescription: Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\n\nperl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted regular expression may lead to\ndisclosure of unexpected application termination or arbitrary code\nexecution\nDescription: An integer underflow issue existed in the way Perl\nparsed regular expressions. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2013-7422\n\nPostgreSQL\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: An attacker may be able to cause unexpected application\ntermination or gain access to data without proper authentication\nDescription: Multiple issues existed in PostgreSQL 9.2.4. These\nissues were addressed by updating PostgreSQL to 9.2.13. \nCVE-ID\nCVE-2014-0067\nCVE-2014-8161\nCVE-2015-0241\nCVE-2015-0242\nCVE-2015-0243\nCVE-2015-0244\n\npython\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in Python 2.7.6, the most\nserious of which may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in Python versions\nprior to 2.7.6. These were addressed by updating Python to version\n2.7.10. \nCVE-ID\nCVE-2013-7040\nCVE-2013-7338\nCVE-2014-1912\nCVE-2014-7185\nCVE-2014-9365\n\nQL Office\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted Office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in parsing of Office\ndocuments. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5773 : Apple\n\nQL Office\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML file may lead to\ndisclosure of user information\nDescription: An external entity reference issue existed in XML file\nparsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A. \n\nQuartz Composer Framework\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted QuickTime file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in parsing of\nQuickTime files. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5771 : Apple\n\nQuick Look\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Searching for a previously viewed website may launch the web\nbrowser and render that website\nDescription: An issue existed where QuickLook had the capability to\nexecute JavaScript. The issue was addressed by disallowing execution\nof JavaScript. \nCVE-ID\nCVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole\n\nQuickTime 7\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3772\nCVE-2015-3779\nCVE-2015-5753 : Apple\nCVE-2015-5779 : Apple\n\nQuickTime 7\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3765 : Joe Burnett of Audio Poison\nCVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-5751 : WalkerFuz\n\nSceneKit\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Viewing a maliciously crafted Collada file may lead to\narbitrary code execution\nDescription: A heap buffer overflow existed in SceneKit\u0027s handling\nof Collada files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5772 : Apple\n\nSceneKit\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: A memory corruption issue existed in SceneKit. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3783 : Haris Andrianakis of Google Security Team\n\nSecurity\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A standard user may be able to gain access to admin\nprivileges without proper authentication\nDescription: An issue existed in handling of user authentication. \nThis issue was addressed through improved authentication checks. \nCVE-ID\nCVE-2015-3775 : [Eldon Ahrold]\n\nSMBClient\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: A memory corruption issue existed in the SMB client. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3773 : Ilja van Sprundel\n\nSpeech UI\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted unicode string with speech\nalerts enabled may lead to an unexpected application termination or\narbitrary code execution\nDescription: A memory corruption issue existed in handling of\nUnicode strings. This issue was addressed by improved memory\nhandling. \nCVE-ID\nCVE-2013-1775\nCVE-2013-1776\nCVE-2013-2776\nCVE-2013-2777\nCVE-2014-0106\nCVE-2014-9680\n\ntcpdump\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription: Multiple vulnerabilities existed in tcpdump versions\nprior to 4.7.3. These were addressed by updating tcpdump to version\n4.7.3. \nCVE-ID\nCVE-2014-8767\nCVE-2014-8769\nCVE-2014-9140\n\nText Formats\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted text file may lead to\ndisclosure of user information\nDescription: An XML external entity reference issue existed with\nTextEdit parsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team\n\nudf\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3767 : beist of grayhash\n\nOS X Yosemite v10.10.5 includes the security content of Safari 8.0.8:\nhttps://support.apple.com/en-us/HT205033\n\nOS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n\n-----BEGIN PGP SIGNATURE-----\n\niQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4\nY2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6\n+PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR\n2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev\nQpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k\nfu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR\nA8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz\nxjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7\nAeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF\nsfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW\nc5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB\nmsu6gVP8uZhFYNb8byVJ\n=+0e/\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Low: sudo security, bug fix and enhancement update\nAdvisory ID: RHSA-2013:1701-02\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-1701.html\nIssue date: 2013-11-21\nCVE Names: CVE-2013-1775 CVE-2013-2776 CVE-2013-2777 \n=====================================================================\n\n1. Summary:\n\nAn updated sudo package that fixes two security issues, several bugs, and\nadds two enhancements is now available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root. \n\nA flaw was found in the way sudo handled time stamp files. An attacker able\nto run code as a local user and with the ability to control the system\nclock could possibly gain additional privileges by running commands that\nthe victim user was allowed to run via sudo, without knowing the victim\u0027s\npassword. \nAn attacker able to run code as a local user could possibly gain additional\nprivileges by running commands that the victim user was allowed to run via\nsudo, without knowing the victim\u0027s password. (CVE-2013-2776, CVE-2013-2777)\n\nThis update also fixes the following bugs:\n\n* Previously, sudo did not support netgroup filtering for sources from the\nSystem Security Services Daemon (SSSD). Consequently, SSSD rules were\napplied to all users even when they did not belong to the specified\nnetgroup. With this update, netgroup filtering for SSSD sources has been\nimplemented. As a result, rules with a netgroup specification are applied\nonly to users that are part of the netgroup. (BZ#880150)\n\n* When the sudo utility set up the environment in which it ran a command,\nit reset the value of the RLIMIT_NPROC resource limit to the parent\u0027s value\nof this limit if both the soft (current) and hard (maximum) values of\nRLIMIT_NPROC were not limited. An upstream patch has been provided to\naddress this bug and RLIMIT_NPROC can now be set to \"unlimited\". \n(BZ#947276)\n\n* Due to the refactoring of the sudo code by upstream, the SUDO_USER\nvariable that stores the name of the user running the sudo command was not\nlogged to the /var/log/secure file as before. Consequently, user name\n\"root\" was always recorded instead of the real user name. With this update,\nthe previous behavior of sudo has been restored. As a result, the expected\nuser name is now written to /var/log/secure. (BZ#973228)\n\n* Due to an error in a loop condition in sudo\u0027s rule listing code, a buffer\noverflow could have occurred in certain cases. This condition has been\nfixed and the buffer overflow no longer occurs. (BZ#994626)\n\nIn addition, this update adds the following enhancements:\n\n* With this update, sudo has been modified to send debug messages about\nnetgroup matching to the debug log. These messages should provide better\nunderstanding of how sudo matches netgroup database records with values\nfrom the running system and what the values are exactly. (BZ#848111)\n\n* With this update, sudo has been modified to accept the ipa_hostname value\nfrom the /etc/sssd/sssd.conf configuration file when matching netgroups. \n(BZ#853542)\n\nAll sudo users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues and add\nthese enhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n856901 - Defauts:!\u003cuser\u003e syntax in sudoers doesn\u0027t seem to work as expected\n880150 - sssd +netgroup sudoUser is always matched\n886648 - Access granted with invalid sudoRunAsUser/sudoRunAsGroup\n916363 - CVE-2013-1775 sudo: authentication bypass via reset system clock\n949751 - CVE-2013-2776 sudo: bypass of tty_tickets constraints\n949753 - CVE-2013-2777 sudo: bypass of tty_tickets constraints\n994563 - Warning in visudo: cycle in Host_Alias even without cycle\n994626 - sudo -u \u003cuser\u003e sudo -l show error: *** glibc detected *** sudo: realloc(): invalid next size: 0x00007f4ae2d10ec0 ***\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\n\nx86_64:\nsudo-1.8.6p3-12.el6.x86_64.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\n\nx86_64:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\nx86_64:\nsudo-1.8.6p3-12.el6.x86_64.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\nx86_64:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\n\nppc64:\nsudo-1.8.6p3-12.el6.ppc64.rpm\nsudo-debuginfo-1.8.6p3-12.el6.ppc64.rpm\n\ns390x:\nsudo-1.8.6p3-12.el6.s390x.rpm\nsudo-debuginfo-1.8.6p3-12.el6.s390x.rpm\n\nx86_64:\nsudo-1.8.6p3-12.el6.x86_64.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\n\nppc64:\nsudo-debuginfo-1.8.6p3-12.el6.ppc.rpm\nsudo-debuginfo-1.8.6p3-12.el6.ppc64.rpm\nsudo-devel-1.8.6p3-12.el6.ppc.rpm\nsudo-devel-1.8.6p3-12.el6.ppc64.rpm\n\ns390x:\nsudo-debuginfo-1.8.6p3-12.el6.s390.rpm\nsudo-debuginfo-1.8.6p3-12.el6.s390x.rpm\nsudo-devel-1.8.6p3-12.el6.s390.rpm\nsudo-devel-1.8.6p3-12.el6.s390x.rpm\n\nx86_64:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\n\nx86_64:\nsudo-1.8.6p3-12.el6.x86_64.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/sudo-1.8.6p3-12.el6.src.rpm\n\ni386:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\n\nx86_64:\nsudo-debuginfo-1.8.6p3-12.el6.i686.rpm\nsudo-debuginfo-1.8.6p3-12.el6.x86_64.rpm\nsudo-devel-1.8.6p3-12.el6.i686.rpm\nsudo-devel-1.8.6p3-12.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-1775.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2776.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-2777.html\nhttps://access.redhat.com/security/updates/classification/#low\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFSjZCHXlSAg2UNWIIRAt3IAJ9vk5ycVQ6pYkHYc7uM6YLFvhsSrgCfVHi+\nH0zICoykOf4KltShaykk1Wo=\n=z/lR\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. (CVE-2013-1776, CVE-2013-2776)\n\nThis update also fixes the following bugs:\n\n* Due to a bug in the cycle detection algorithm of the visudo utility,\nvisudo incorrectly evaluated certain alias definitions in the /etc/sudoers\nfile as cycles. Consequently, a warning message about undefined aliases\nappeared. This bug has been fixed, /etc/sudoers is now parsed correctly by\nvisudo and the warning message no longer appears. (BZ#849679)\n\n* Previously, the \u0027sudo -l\u0027 command did not parse the /etc/sudoers file\ncorrectly if it contained an Active Directory (AD) group. The file was\nparsed only up to the first AD group information and then the parsing\nfailed with the following message:\n\n sudo: unable to cache group ADDOM\\admingroup, already exists\n\nWith this update, the underlying code has been modified and \u0027sudo -l\u0027 now\nparses /etc/sudoers containing AD groups correctly. (BZ#855836)\n\n* Previously, the sudo utility did not escape the backslash characters\ncontained in user names properly. Consequently, if a system used sudo\nintegrated with LDAP or Active Directory (AD) as the primary authentication\nmechanism, users were not able to authenticate on that system. With this\nupdate, sudo has been modified to process LDAP and AD names correctly and\nthe authentication process now works as expected. (BZ#869287)\n\n* Prior to this update, the \u0027visudo -s (strict)\u0027 command incorrectly parsed\ncertain alias definitions. Consequently, an error message was issued. The\nbug has been fixed, and parsing errors no longer occur when using \u0027visudo\n- -s\u0027",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2776"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "PACKETSTORM",
"id": "124877"
},
{
"db": "PACKETSTORM",
"id": "133079"
},
{
"db": "PACKETSTORM",
"id": "124114"
},
{
"db": "PACKETSTORM",
"id": "123465"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2776",
"trust": 3.6
},
{
"db": "BID",
"id": "58207",
"trust": 2.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2013/02/27/31",
"trust": 1.8
},
{
"db": "BID",
"id": "62741",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100",
"trust": 0.7
},
{
"db": "SLACKWARE",
"id": "SSA:2013-065-01",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20130227 RE: CVE REQUEST: POTENTIAL BYPASS OF SUDO TTY_TICKETS CONSTRAINTS",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-2642",
"trust": 0.6
},
{
"db": "XF",
"id": "82453",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-62778",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-2776",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124877",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "133079",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124114",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123465",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "PACKETSTORM",
"id": "124877"
},
{
"db": "PACKETSTORM",
"id": "133079"
},
{
"db": "PACKETSTORM",
"id": "124114"
},
{
"db": "PACKETSTORM",
"id": "123465"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"id": "VAR-201304-0405",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-62778"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:54:14Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT205031"
},
{
"title": "HT205031",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT205031"
},
{
"title": "Bug #87023",
"trust": 0.8,
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"title": "#701839",
"trust": 0.8,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"title": "DSA-2642",
"trust": 0.8,
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"title": "Multiple Permissions, Privileges, and Access Control vulnerabilities in Sudo",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_permissions_privileges_and_access"
},
{
"title": "Bug 916365",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"title": "Bug 949751",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"title": "RHSA-2013:1353",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1353.html"
},
{
"title": "RHSA-2013:1701",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/RHSA-2013-1701.html"
},
{
"title": "changeset 8635:0c0283d1fafa",
"trust": 0.8,
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"title": "changeset 8684:049a12a5cc14",
"trust": 0.8,
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"title": "Potential bypass of tty_tickets constraints",
"trust": 0.8,
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"title": "Red Hat: Low: sudo security, bug fix and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131701 - Security Advisory"
},
{
"title": "Red Hat: Low: sudo security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20131353 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2013-259",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2013-259"
},
{
"title": "Debian Security Advisories: DSA-2642-1 sudo -- several issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6a71c6d7b295128735f0d65ff41929de"
},
{
"title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=6c15273f6bf4a785175f27073b98a1ce"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.sudo.ws/sudo/alerts/tty_tickets.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/58207"
},
{
"trust": 1.8,
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"trust": 1.8,
"url": "http://www.sudo.ws/repos/sudo/rev/049a12a5cc14"
},
{
"trust": 1.8,
"url": "http://www.sudo.ws/repos/sudo/rev/0c0283d1fafa"
},
{
"trust": 1.8,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839"
},
{
"trust": 1.8,
"url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916365"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2013/02/27/31"
},
{
"trust": 1.7,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.517440"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/62741"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1353.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1701.html"
},
{
"trust": 1.2,
"url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 1.2,
"url": "https://support.apple.com/kb/ht205031"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2013/dsa-2642"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82453"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2776"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2776"
},
{
"trust": 0.6,
"url": "http://www.sudo.ws"
},
{
"trust": 0.6,
"url": "https://downloads.avaya.com/css/p8/documents/100177016"
},
{
"trust": 0.6,
"url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/82453"
},
{
"trust": 0.6,
"url": "http://www.debian.org/security/2012/dsa-2642"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1775"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2776"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949751"
},
{
"trust": 0.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_permissions_privileges_and_access"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100176023"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2777"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1776"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2776.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1775.html"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2013\u0026amp;m=slackware-security.517440"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2013:1701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://alas.aws.amazon.com/alas-2013-259.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1775"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2777"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201401-23.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1776"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8109"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3583"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7185"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht205033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8161"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8767"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-5044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3620"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3581"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-7844"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0106"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8769"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7338"
},
{
"trust": 0.1,
"url": "https://www.safeye.org)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0191"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-5078"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-7040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8151"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1912"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-2777.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1776.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "PACKETSTORM",
"id": "124877"
},
{
"db": "PACKETSTORM",
"id": "133079"
},
{
"db": "PACKETSTORM",
"id": "124114"
},
{
"db": "PACKETSTORM",
"id": "123465"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-62778"
},
{
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"db": "PACKETSTORM",
"id": "124877"
},
{
"db": "PACKETSTORM",
"id": "133079"
},
{
"db": "PACKETSTORM",
"id": "124114"
},
{
"db": "PACKETSTORM",
"id": "123465"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-08T00:00:00",
"db": "VULHUB",
"id": "VHN-62778"
},
{
"date": "2013-04-08T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"date": "2013-08-04T00:00:00",
"db": "BID",
"id": "62741"
},
{
"date": "2013-02-27T00:00:00",
"db": "BID",
"id": "58207"
},
{
"date": "2013-04-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"date": "2014-01-22T01:54:53",
"db": "PACKETSTORM",
"id": "124877"
},
{
"date": "2015-08-13T22:15:27",
"db": "PACKETSTORM",
"id": "133079"
},
{
"date": "2013-11-21T19:30:38",
"db": "PACKETSTORM",
"id": "124114"
},
{
"date": "2013-10-01T15:08:37",
"db": "PACKETSTORM",
"id": "123465"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"date": "2013-04-08T17:55:01.127000",
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-62778"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2013-2776"
},
{
"date": "2016-07-29T17:00:00",
"db": "BID",
"id": "62741"
},
{
"date": "2016-07-29T17:00:00",
"db": "BID",
"id": "58207"
},
{
"date": "2015-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002168"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-100"
},
{
"date": "2024-11-21T01:52:20.597000",
"db": "NVD",
"id": "CVE-2013-2776"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
},
{
"db": "PACKETSTORM",
"id": "124114"
},
{
"db": "PACKETSTORM",
"id": "123465"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-100"
}
],
"trust": 1.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sudo Vulnerabilities that are hijacked for authentication",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002168"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "62741"
},
{
"db": "BID",
"id": "58207"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.