Описание
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
Ссылки
- Product
- Patch
- ExploitMailing ListPatchVendor Advisory
- Product
- Patch
- ExploitMailing ListPatchVendor Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
Дефекты
Связанные уязвимости
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
GNU inetutils before 2.5 may allow privilege escalation because of unc ...
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
EPSS
7.8 High
CVSS3