Описание
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 2:2.4-3ubuntu1 |
| esm-apps/bionic | released | 2:1.9.4-3ubuntu0.1+esm2 |
| esm-apps/focal | released | 2:1.9.4-11ubuntu0.2 |
| esm-apps/jammy | released | 2:2.2-2ubuntu0.1 |
| esm-apps/xenial | released | 2:1.9.4-1ubuntu0.1~esm3 |
| esm-infra-legacy/trusty | released | 2:1.9.2-1ubuntu0.1~esm2 |
| focal | released | 2:1.9.4-11ubuntu0.2 |
| jammy | released | 2:2.2-2ubuntu0.1 |
| lunar | released | 2:2.4-2ubuntu1.1 |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
GNU inetutils before 2.5 may allow privilege escalation because of unc ...
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
EPSS
7.8 High
CVSS3