14 DAY TRIAL // It appears that there's a bug in Ubuntu distributions which lets malicious users locally exploit sudo and gain access to the user's account without knowing their password. The bug was submitted to Canonical's Launchpad back in September 2013 by user Mark Smith.
Since then, several users reported that the bug may have an effect on various window managers, including Unity, KDE, GNOME, and Cinnamon, and it also appears to affect Apple's OS X operating system for Macintosh computers.
The bug appears to be related to the fact that users can change the system clock without authenticating, by disabling network-synchronized time (see the screenshot above for details). Additionally, one could use the "cat /var/log/auth.log" command to find the last time a user authenticated with sudo.
"To do this, a user would only need to launch a few terminals, figure out which pty they were on via "tty", find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time," says Mark Smith in the initial report dated September 1, 2013. "Once this is done, they can run (for example) "sudo -s" and have a full access terminal."
The bug affects all supported Ubuntu operating systems
While the bug was initially marked as private because it contained sensitive information, it looks like the Ubuntu team decided to make it public recently without consulting Mark Smith. However, the decision was taken (most probably) to fix the issue as soon as possible.
A few hours after Mark Smith posted this information on a Reddit thread, the bug was assigned to Marc Deslauriers and confirmed to affect Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 14.10 (Utopic Unicorn), and Ubuntu 15.04 (Vivid Vervet) operating systems.
Its importance remains undecided at the moment of writing this article. We will update the article once Canonical fix the nasty sudo bug and seed the patched version to the main software repositories of its supported Ubuntu Linux distributions.