Описание
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-2496
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22035
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669
- http://secunia.com/advisories/16602
- http://secunia.com/advisories/21464
- http://securitytracker.com/id?1016679
- http://www.debian.org/security/2005/dsa-801
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:156
- http://www.osvdb.org/19055
- http://www.redhat.com/support/errata/RHSA-2006-0393.html
- http://www.securityfocus.com/bid/14673
- http://www.securityspace.com/smysecure/catid.html?id=55155
- http://www.vupen.com/english/advisories/2005/1561
EPSS
CVE ID
Связанные уязвимости
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS