The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
References
Configurations
History
20 Nov 2024, 23:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/16602 - Vendor Advisory | |
References | () http://secunia.com/advisories/21464 - | |
References | () http://securitytracker.com/id?1016679 - | |
References | () http://www.debian.org/security/2005/dsa-801 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2005:156 - | |
References | () http://www.osvdb.org/19055 - | |
References | () http://www.redhat.com/support/errata/RHSA-2006-0393.html - | |
References | () http://www.securityfocus.com/bid/14673 - | |
References | () http://www.securityspace.com/smysecure/catid.html?id=55155 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2005/1561 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22035 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669 - |
Information
Published : 2005-09-02 17:03
Updated : 2024-11-20 23:59
NVD link : CVE-2005-2496
Mitre link : CVE-2005-2496
CVE.ORG link : CVE-2005-2496
JSON object : View
Products Affected
dave_mills
- ntpd
CWE