Posted by: David Harley | August 30, 2013

Sudo Voodoo

A sudo authentication bypass vulnerability reported back in March has gained a little traction with the release by Metasploit of a module that makes it easier to exploit on Macs.

The original vulnerability, as described in CVE-2013-1775, involves bypassing time restrictions and retaining privileges by resetting the system clock. It was not restricted to OS X, and was fixed in sudo 1.8.6p7 and 1.7.10p7, but according to an article by Dan Goodin for Ars Technica, OS X versions 10.7 to 10.8.4 remain vulnerable. In principle, though, it can only be exploited if the attacker already has physical or remote shell access to the target machine and sufficient privileges.
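To check a host against the fixed releases named above, the following added example (not part of the original post, and not sudo's own tooling) classifies a sudo version string as predating or including the fix. The function names and sample banners are constructed for illustration; it assumes the first line of `sudo -V` reads `Sudo version X`, and that a release older than the fix on its branch predates the fix.

```shell
#!/bin/sh
# Added example (not from the original post): classify a sudo version string
# against the fixed releases the post names, 1.7.10p7 and 1.8.6p7.

# Pull the version out of the first line of `sudo -V` ("Sudo version 1.8.6p7").
sudo_version_from_banner() {
    printf '%s\n' "$1" | awk 'NR == 1 && $1 == "Sudo" && $2 == "version" { print $3 }'
}

# Print "pre-fix", "fixed" or "unknown" for a version such as 1.8.6p6.
# Assumption: a release older than the fix on its branch predates the fix;
# vendor backports are invisible in the version string.
sudo_1775_status() {
    printf '%s\n' "$1" | awk '
    function key(maj, min, pat, pl) { return ((maj * 1000 + min) * 1000 + pat) * 1000 + pl }
    {
        # Accept only major.minor.patch with an optional pN patch level;
        # betas and release candidates (b1, rc2) are reported as unknown.
        if ($0 !~ /^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/) { print "unknown"; exit }
        n = split($0, part, /[.p]/)
        pl = (n >= 4) ? part[4] + 0 : 0
        have = key(part[1] + 0, part[2] + 0, part[3] + 0, pl)
        # The 1.7 branch was fixed in 1.7.10p7; everything else is compared with 1.8.6p7.
        if (part[1] + 0 == 1 && part[2] + 0 == 7) fixed = key(1, 7, 10, 7)
        else fixed = key(1, 8, 6, 7)
        status = (have < fixed) ? "pre-fix" : "fixed"
        print status
    }'
}

# Constructed sample banners; on a live host use: sudo -V | head -n 1
for banner in "Sudo version 1.7.10p6" "Sudo version 1.7.10p7" \
              "Sudo version 1.8.6p6" "Sudo version 1.8.6p7" "Sudo version 1.8.7"; do
    v=$(sudo_version_from_banner "$banner")
    printf '%-8s %s\n' "$(sudo_1775_status "$v")" "$v"
done
```

A "pre-fix" result means the version string is older than the fixed release, not that the host is confirmed exploitable: a vendor may ship a patched build under an older version number, so confirm against the vendor's own advisory.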

However, HD Moore is quoted by Goodin as saying that “…it allows any user-level compromise to become root…”

David Harley
Small Blue-Green World
ESET Senior Research Fellow


Responses

  1. Can you please provide guidance on how to remove this nightmare from your computer? Not sure that this is what I have, but having files on my Mac that are dated years before I had the machine makes me wonder. Any help is greatly appreciated.

    • There are a range of reasons why file dates might seem anomalous that have nothing to do with CVE-2013-1775. If you’re having other issues with the system, I’m afraid you need to contact a support forum or even a support specialist. Unfortunately, I’m not resourced to offer one-to-one support nowadays. Sorry.

