Apple Security Advisory 2015-08-13-2 - OS X Yosemite 10.10.5 and Security Update 2015-006 is now available and addresses vulnerabilities in Apache, the OD plug-in, IOBluetoothHCIController, and more.
1ccd5f307af57152abb6e4f0da773ca4420fb7a6e98f26301366a9071ecc9a33
Gentoo Linux Security Advisory 201401-23 - Multiple vulnerabilities have been found in sudo which could result in privilege escalation. Versions less than 1.8.6_p7 are affected.
dda81040cd1424b5d756e10f8887535266792aeb424207b4e2da032de4b6d974
Red Hat Security Advisory 2013-1701-02 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. It was found that sudo did not properly validate the controlling terminal device when the tty_tickets option was enabled in the /etc/sudoers file. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password.
a123845b4cafb94e8438b79697c175656bdf7428c4a06099ba6aeacc46222972
Red Hat Security Advisory 2013-1353-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. It was found that sudo did not properly validate the controlling terminal device when the tty_tickets option was enabled in the /etc/sudoers file. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password.
f25bdd3057f827733e856a4ea89cd02628b34925763720a3735ef6bbeabeddf3
Mac OS X versions 10.8.4 and below local root privilege escalation exploit written in Python.
a0b32edb63a75a52f36b3b0a16898f214ffdda7d8f01efbf9482265d991f663b
This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.
861501e9890ef0e4cff6780f3ce32dadf2038337f7e60f127a1275773d181e73
Mandriva Linux Security Advisory 2013-054 - A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers. sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. Sudo before 1.8.6p7 allows a malicious user to run commands via sudo without authenticating, so long as there exists a terminal the user has access to where a sudo command was successfully run by that same user within the password timeout period. The updated packages have been patched to correct these issues.
1c65aaaffdb72581984d2276efcf089189ca0ea9517d048d794210853c4a68ca
Mandriva Linux Security Advisory 2013-026 - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically-proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. Sudo before 1.8.6p7 allows a malicious user to run commands via sudo without authenticating, so long as there exists a terminal the user has access to where a sudo command was successfully run by that same user within the password timeout period. The updated packages have been patched to correct these issues.
f0f9ae055a87151f153c71a8cb17a6c21c9dc1ffce22d7b02cf7c92907860a99
Debian Linux Security Advisory 2642-1 - Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users.
c92c30cf051f12aea44bf30b148da1d49e7b92755d5fd25772db43d85b0d2123
Slackware Security Advisory - New sudo packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-1775,CVE-2013-1776.
0756d6ac674176840736b20e3a780b4c015680c196a06f38bf65f1c511e7f822
Ubuntu Security Notice 1754-1 - Marco Schoepl discovered that Sudo incorrectly handled time stamp files when the system clock is set to epoch. A local attacker could use this issue to run Sudo commands without a password prompt.
b6eaa9e4310775a7d2276b521831c90680ecfb4422746e497b6bdd6750cabed1