CVE-2013-1776

medium
Published 2013-04-08 · Modified 2026-04-29
CVSS v3
—
CVSS v4 NEW
—
not yet in upstream
VIR risk
4.4

Description

sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

Predictions

Exploit likelihood
20%
Patch ETA
—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Debian Security Tracker · DFSG

CVE-2013-1776

Name: CVE-2013-1776
Description: sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DSA-2642-1
Debian Bugs: 701839

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package  Release              Version             Status
sudo (PTS)      bullseye             1.9.5p2-3+deb11u1   fixed
sudo (PTS)      bullseye (security)  1.9.5p2-3+deb11u3   fixed
sudo (PTS)      bookworm             1.9.13p3-1+deb12u4  fixed
sudo (PTS)      bookworm (security)  1.9.13p3-1+deb12u2  fixed
sudo (PTS)      trixie               1.9.16p2-3+deb13u2  fixed
sudo (PTS)      forky                1.9.17p2-5          fixed
sudo (PTS)      sid                  1.9.17p2-6          fixed

The information below is based on the following data on fixed versions.

Package  Type    Release     Fixed Version        Urgency  Origin      Debian Bugs
sudo     source  squeeze     1.7.4p4-2.squeeze.4           DSA-2642-1
sudo     source  (unstable)  1.8.5p2-1+nmu1                            701839

OS impact

macOS: Affected (1 release)
Version  Status    Fixed in
—        Affected  —

Debian: Fixed (5 releases)
Version   Status  Fixed in
trixie    Fixed   1.8.5p2-1+nmu1
sid       Fixed   1.8.5p2-1+nmu1
forky     Fixed   1.8.5p2-1+nmu1
bullseye  Fixed   1.8.5p2-1+nmu1
bookworm  Fixed   1.8.5p2-1+nmu1

Application impact

Vendor       Product  Versions  Fixed
todd_miller  sudo     1.8.0
todd_miller  sudo     1.8.1
todd_miller  sudo     1.8.1p1
todd_miller  sudo     1.8.1p2
todd_miller  sudo     1.8.2
todd_miller  sudo     1.8.3
todd_miller  sudo     1.8.3p1
todd_miller  sudo     1.8.3p2
todd_miller  sudo     1.8.4
todd_miller  sudo     1.8.4p1
todd_miller  sudo     1.8.4p2
todd_miller  sudo     1.8.4p3
todd_miller  sudo     1.8.4p4
todd_miller  sudo     1.8.4p5
todd_miller  sudo     1.8.5
todd_miller  sudo     1.3.5
todd_miller  sudo     1.6
todd_miller  sudo     1.6.1
todd_miller  sudo     1.6.2
todd_miller  sudo     1.6.2p3
todd_miller  sudo     1.6.3
todd_miller  sudo     1.6.3_p7
todd_miller  sudo     1.6.4
todd_miller  sudo     1.6.4p2
todd_miller  sudo     1.6.5
todd_miller  sudo     1.6.6
todd_miller  sudo     1.6.7
todd_miller  sudo     1.6.7p5
todd_miller  sudo     1.6.8
todd_miller  sudo     1.6.8p12
todd_miller  sudo     1.6.9
todd_miller  sudo     1.6.9p20
todd_miller  sudo     1.6.9p21
todd_miller  sudo     1.6.9p22
todd_miller  sudo     1.6.9p23
todd_miller  sudo     1.7.0
todd_miller  sudo     1.7.1
todd_miller  sudo     1.7.2
todd_miller  sudo     1.7.2p1
todd_miller  sudo     1.7.2p2
todd_miller  sudo     1.7.2p3
todd_miller  sudo     1.7.2p4
todd_miller  sudo     1.7.2p5
todd_miller  sudo     1.7.2p6
todd_miller  sudo     1.7.2p7
todd_miller  sudo     1.7.3b1
todd_miller  sudo     1.7.4
todd_miller  sudo     1.7.4p1
todd_miller  sudo     1.7.4p2
todd_miller  sudo     1.7.4p3
todd_miller  sudo     1.7.4p4
todd_miller  sudo     1.7.4p5
todd_miller  sudo     1.7.4p6
todd_miller  sudo     1.7.5
todd_miller  sudo     1.7.6
todd_miller  sudo     1.7.6p1
todd_miller  sudo     1.7.6p2
todd_miller  sudo     1.7.7
todd_miller  sudo     1.7.8
todd_miller  sudo     1.7.8p1
todd_miller  sudo     1.7.8p2
todd_miller  sudo     1.7.9
todd_miller  sudo     1.7.9p1
todd_miller  sudo     1.7.10

References

CWEs

CWE-264
