Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-0727

Опубликовано: 14 апр. 2017
Источник: ubuntu
Приоритет: low
CVSS2: 7.2
CVSS3: 7.8

Описание

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

РелизСтатусПримечание
devel

not-affected

1:4.2.8p4+dfsg-3ubuntu6
esm-infra-legacy/trusty

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
esm-infra/xenial

released

1:4.2.8p4+dfsg-3ubuntu5.3
precise

released

1:4.2.6.p3+dfsg-1ubuntu3.11
precise/esm

not-affected

1:4.2.6.p3+dfsg-1ubuntu3.11
trusty

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
trusty/esm

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
upstream

needed

vivid

ignored

end of life
vivid/stable-phone-overlay

ignored

end of life

Показывать по

Ссылки на источники

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-0727

CVSS3: 7
redhat
около 10 лет назад

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

nvd логотип

CVE-2016-0727

CVSS3: 7.8
nvd
почти 9 лет назад

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

debian логотип

CVE-2016-0727

CVSS3: 7.8
debian
почти 9 лет назад

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3. ...

github логотип

GHSA-c7qx-m9c7-8wm7

CVSS3: 7.8
github
больше 3 лет назад

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

fstec логотип

BDU:2017-01267

fstec
почти 9 лет назад

Уязвимость скрипта crontab, входящего в состав ntp-пакета, операционной системы Ubuntu, позволяющая нарушителю повысить свои привилегии или изменять произвольные файлы

7.2 High

CVSS2

7.8 High

CVSS3