CVE-2005-2655

Опубликовано: 30 авг. 2005

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.

Ссылки

http://www.debian.org/security/2005/dsa-791
Patch
Vendor Advisory
http://www.debian.org/security/2005/dsa-791
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:maildrop:maildrop:0.50:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.51:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.51b:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.51c:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.54:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.54a:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.54b:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.55:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.55a:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.55b:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.55c:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.60:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.61:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.62:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.63:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.64:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.65:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.70:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.71:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.72:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.73:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.74:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.75:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.76:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.99.1:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:0.99.2:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.0:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.1:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.2:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.3:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.4:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.5:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.6:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.7:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.8:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.3.9:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:maildrop:maildrop:1.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00397

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2005-2655

ubuntu

около 20 лет назад

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.

CVE-2005-2655

debian

около 20 лет назад

lockmail in maildrop before 1.5.3 does not drop privileges before exec ...

GHSA-mjj8-2wvx-jfh5

github

больше 3 лет назад

lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.

EPSS

Процентиль: 60%

0.00397

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other