Attackers looking to exploit a previously disclosed and apparently still unpatched bug in sudo have gotten a little more help this week. The vulnerability (CVE-2013-1775) can essentially set back the compromised system s clock to January 1, 1970, also known as the epoch, so the attacker can be granted access to the machine without entering a password. Metasploit, the penetration testing software that makes it easier to exploit vulnerabilities, added a module this week that makes exploiting the vulnerability less difficult.
Source: https://threatpost.com/metasploit-module-adds-sudo-vulnerability-for-os-x/102138/