Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2005-3254
HistoryOct 18, 2005 - 9:02 p.m.

CVE-2005-3254

2005-10-1821:02:00
mitre
web.nvd.nist.gov
30
cve-2005-3254
cgiwrap
debian gnu/linux
uid manipulation
security vulnerability
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

High

EPSS

0.004

Percentile

72.1%

JSON

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.

Affected configurations

Nvd
Node
nathan_neulingercgiwrapMatch1.0debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.0debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.1debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.2debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.3debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.4debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.5debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.6debian_gnu_linux
OR
nathan_neulingercgiwrapMatch2.7debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.0debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.1debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.2debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.3debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.4debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.5debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6.1debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6.2debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6.3debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6.4debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.6.5debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.7debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.7.1debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.8debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.11debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.21debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.22debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.23debian_gnu_linux
OR
nathan_neulingercgiwrapMatch3.24debian_gnu_linux
VendorProductVersionCPE
nathan_neulingercgiwrap1.0cpe:2.3:a:nathan_neulinger:cgiwrap:1.0:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.0cpe:2.3:a:nathan_neulinger:cgiwrap:2.0:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.1cpe:2.3:a:nathan_neulinger:cgiwrap:2.1:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.2cpe:2.3:a:nathan_neulinger:cgiwrap:2.2:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.3cpe:2.3:a:nathan_neulinger:cgiwrap:2.3:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.4cpe:2.3:a:nathan_neulinger:cgiwrap:2.4:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.5cpe:2.3:a:nathan_neulinger:cgiwrap:2.5:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.6cpe:2.3:a:nathan_neulinger:cgiwrap:2.6:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap2.7cpe:2.3:a:nathan_neulinger:cgiwrap:2.7:*:debian_gnu_linux:*:*:*:*:*
nathan_neulingercgiwrap3.0cpe:2.3:a:nathan_neulinger:cgiwrap:3.0:*:debian_gnu_linux:*:*:*:*:*
Rows per page:
1-10 of 291

Related

ubuntucve 1
cvelist 1
nvd 1
ubuntucve
ubuntucve
CVE-2005-3254
2005-10-18 00:00:00
cvelist
cvelist
CVE-2005-3254
2005-10-18 04:00:00
nvd
nvd
CVE-2005-3254
2005-10-18 21:02:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

High

EPSS

0.004

Percentile

72.1%

JSON
Related for CVE-2005-3254
ubuntucve1cvelist1nvd1