Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-2496HistorySep 02, 2005 - 5:03 p.m.
CVE-2005-2496
2005-09-0217:03:00
Debian Security Bug Tracker
security-tracker.debian.org
6
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
30.4%
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | ntp | < 1:4.2.0a+stable-2sarge1 | ntp_1:4.2.0a+stable-2sarge1_all.deb |
Related
redhat
redhat
(RHSA-2006:0393) ntp security update
2006-08-10 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-801-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 801-1 (ntp)
2008-01-17 00:00:00
NTPd <= 4.2.0 Privilege Escalation Vulnerability
2021-07-07 00:00:00
cvelist
cvelist
CVE-2005-2496
2005-09-02 04:00:00
nessus
nessus
Debian DSA-801-1 : ntp - programming error
2005-09-06 00:00:00
Ubuntu 4.10 : ntp vulnerability (USN-175-1)
2006-01-15 00:00:00
centos
centos
ntp security update
2006-08-24 00:24:36
ubuntucve
ubuntucve
CVE-2005-2496
2005-09-02 00:00:00
debian
debian
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
ubuntu
ubuntu
ntp server vulnerability
2005-09-02 00:00:00
cve
cve
CVE-2005-2496
2005-09-02 17:03:00
osv
osv
ntp - programming error
2005-09-05 00:00:00
nvd
nvd
CVE-2005-2496
2005-09-02 17:03:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
30.4%
Related for DEBIANCVE:CVE-2005-2496