CVE-2013-2777

sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions.

Published: 2013-04-08 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2013-2777 is rated Low Risk (27.8/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.37%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2013-2777

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.05% 0.37% +0.32%
2 2025-03-30 0.05% 0.05% -0.00%
3 2025-03-29 0.05%

Full EPSS history (5 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2013-2777

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.4 2.0 MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:L)
Requires local access to the target system.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 3.4 6.4 [email protected]

Weakness enumeration for CVE-2013-2777

OS Trackers for CVE-2013-2777

vendor priority summary link
debian not yet assigned CVE-2013-2777 not yet assigned priority: Debian including 1 source packages (sudo), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2013-2777
gentoo high CVE-2013-2777: 1 GLSA(s) (201401-23), 1 atom(s) (app-admin/sudo); latest impact high. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2013-2777
redhat low https://access.redhat.com/security/cve/CVE-2013-2777
ubuntu low CVE-2013-2777 low priority: Ubuntu including 1 source packages (sudo), 6 status rows across 6 suites (hardy, lucid, oneiric, precise, quantal, upstream): ignored 5, needs-triage 1. https://ubuntu.com/security/CVE-2013-2777

Affected software / configurations for CVE-2013-2777

Vendor Product Version Raw CPE
apple mac_os_x <= 10.10.4 cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
todd_miller sudo <= 1.7.10p4 cpe:2.3:a:todd_miller:sudo:*:*:*:*:*:*:*:*
todd_miller sudo 1.3.5 cpe:2.3:a:todd_miller:sudo:1.3.5:*:*:*:*:*:*:*
todd_miller sudo 1.6 cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*
todd_miller sudo 1.6.1 cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*
todd_miller sudo 1.6.2 cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*
todd_miller sudo 1.6.2p3 cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3 cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*
todd_miller sudo 1.6.3_p7 cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*
todd_miller sudo 1.6.4 cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*
todd_miller sudo 1.6.4p2 cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*
todd_miller sudo 1.6.5 cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*
todd_miller sudo 1.6.6 cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*
todd_miller sudo 1.6.7 cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*
todd_miller sudo 1.6.7p5 cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*
todd_miller sudo 1.6.8 cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*
todd_miller sudo 1.6.8p12 cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*
todd_miller sudo 1.6.9 cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p20 cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p21 cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p22 cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*
todd_miller sudo 1.6.9p23 cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*
todd_miller sudo 1.7.0 cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*
todd_miller sudo 1.7.1 cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*
todd_miller sudo 1.7.2 cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p1 cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p2 cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p3 cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p4 cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p5 cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p6 cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*
todd_miller sudo 1.7.2p7 cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*
todd_miller sudo 1.7.3b1 cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*
todd_miller sudo 1.7.4 cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p1 cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p2 cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p3 cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p4 cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p5 cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*
todd_miller sudo 1.7.4p6 cpe:2.3:a:todd_miller:sudo:1.7.4p6:*:*:*:*:*:*:*
todd_miller sudo 1.7.5 cpe:2.3:a:todd_miller:sudo:1.7.5:*:*:*:*:*:*:*
todd_miller sudo 1.7.6 cpe:2.3:a:todd_miller:sudo:1.7.6:*:*:*:*:*:*:*
todd_miller sudo 1.7.6p1 cpe:2.3:a:todd_miller:sudo:1.7.6p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.6p2 cpe:2.3:a:todd_miller:sudo:1.7.6p2:*:*:*:*:*:*:*
todd_miller sudo 1.7.7 cpe:2.3:a:todd_miller:sudo:1.7.7:*:*:*:*:*:*:*
todd_miller sudo 1.7.8 cpe:2.3:a:todd_miller:sudo:1.7.8:*:*:*:*:*:*:*
todd_miller sudo 1.7.8p1 cpe:2.3:a:todd_miller:sudo:1.7.8p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.8p2 cpe:2.3:a:todd_miller:sudo:1.7.8p2:*:*:*:*:*:*:*
todd_miller sudo 1.7.9 cpe:2.3:a:todd_miller:sudo:1.7.9:*:*:*:*:*:*:*
todd_miller sudo 1.7.9p1 cpe:2.3:a:todd_miller:sudo:1.7.9p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.10 cpe:2.3:a:todd_miller:sudo:1.7.10:*:*:*:*:*:*:*
todd_miller sudo 1.7.10p1 cpe:2.3:a:todd_miller:sudo:1.7.10p1:*:*:*:*:*:*:*
todd_miller sudo 1.7.10p2 cpe:2.3:a:todd_miller:sudo:1.7.10p2:*:*:*:*:*:*:*
todd_miller sudo 1.7.10p3 cpe:2.3:a:todd_miller:sudo:1.7.10p3:*:*:*:*:*:*:*
todd_miller sudo 1.8.0 cpe:2.3:a:todd_miller:sudo:1.8.0:*:*:*:*:*:*:*
todd_miller sudo 1.8.1 cpe:2.3:a:todd_miller:sudo:1.8.1:*:*:*:*:*:*:*
todd_miller sudo 1.8.1p1 cpe:2.3:a:todd_miller:sudo:1.8.1p1:*:*:*:*:*:*:*
todd_miller sudo 1.8.1p2 cpe:2.3:a:todd_miller:sudo:1.8.1p2:*:*:*:*:*:*:*
todd_miller sudo 1.8.2 cpe:2.3:a:todd_miller:sudo:1.8.2:*:*:*:*:*:*:*
todd_miller sudo 1.8.3 cpe:2.3:a:todd_miller:sudo:1.8.3:*:*:*:*:*:*:*
todd_miller sudo 1.8.3p1 cpe:2.3:a:todd_miller:sudo:1.8.3p1:*:*:*:*:*:*:*
todd_miller sudo 1.8.3p2 cpe:2.3:a:todd_miller:sudo:1.8.3p2:*:*:*:*:*:*:*
todd_miller sudo 1.8.4 cpe:2.3:a:todd_miller:sudo:1.8.4:*:*:*:*:*:*:*
todd_miller sudo 1.8.4p1 cpe:2.3:a:todd_miller:sudo:1.8.4p1:*:*:*:*:*:*:*
todd_miller sudo 1.8.4p2 cpe:2.3:a:todd_miller:sudo:1.8.4p2:*:*:*:*:*:*:*
todd_miller sudo 1.8.4p3 cpe:2.3:a:todd_miller:sudo:1.8.4p3:*:*:*:*:*:*:*
todd_miller sudo 1.8.4p4 cpe:2.3:a:todd_miller:sudo:1.8.4p4:*:*:*:*:*:*:*
todd_miller sudo 1.8.4p5 cpe:2.3:a:todd_miller:sudo:1.8.4p5:*:*:*:*:*:*:*
todd_miller sudo 1.8.5 cpe:2.3:a:todd_miller:sudo:1.8.5:*:*:*:*:*:*:*
todd_miller sudo 1.8.6 cpe:2.3:a:todd_miller:sudo:1.8.6:*:*:*:*:*:*:*
todd_miller sudo 1.8.6p1 cpe:2.3:a:todd_miller:sudo:1.8.6p1:*:*:*:*:*:*:*
todd_miller sudo 1.8.6p2 cpe:2.3:a:todd_miller:sudo:1.8.6p2:*:*:*:*:*:*:*
todd_miller sudo 1.8.6p3 cpe:2.3:a:todd_miller:sudo:1.8.6p3:*:*:*:*:*:*:*
todd_miller sudo 1.8.6p4 cpe:2.3:a:todd_miller:sudo:1.8.6p4:*:*:*:*:*:*:*
todd_miller sudo 1.8.6p5 cpe:2.3:a:todd_miller:sudo:1.8.6p5:*:*:*:*:*:*:*

References for CVE-2013-2777

URL Tags
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://rhn.redhat.com/errata/RHSA-2013-1701.html
http://www.debian.org/security/2013/dsa-2642
http://www.openwall.com/lists/oss-security/2013/02/27/31
http://www.securityfocus.com/bid/58207
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440
http://www.sudo.ws/repos/sudo/rev/2f3225a2a4a4 Vendor Advisory
http://www.sudo.ws/repos/sudo/rev/bfa23f089bba Vendor Advisory
http://www.sudo.ws/sudo/alerts/tty_tickets.html Vendor Advisory
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023
https://bugzilla.redhat.com/show_bug.cgi?id=916365
https://exchange.xforce.ibmcloud.com/vulnerabilities/82453
https://support.apple.com/kb/HT205031 Vendor Advisory
cvelogic Threat Intelligence