exploitDog

CVE-2001-0456

Опубликовано: 27 июн. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.

Ссылки

http://www.debian.org/security/2001/dsa-032
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6208
http://www.debian.org/security/2001/dsa-032
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6208

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00782

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vrj6-pf44-5f3r

github

почти 4 года назад

postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.

EPSS

Процентиль: 73%

0.00782

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other