Lucene search
GoogleOSV:DSA-801-1HistorySep 05, 2005 - 12:00 a.m.
ntp - programming error
2005-09-0500:00:00
Google
osv.dev
7
0.001 Low
EPSS
Percentile
30.4%
SuSE developers discovered that ntp confuses the given group id with
the group id of the given user when called with a group id on the
commandline that is specified as a string and not as a numeric gid,
which causes ntpd to run with different privileges than intended.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 4.2.0a+stable-2sarge1.
The unstable distribution (sid) is not affected by this problem.
We recommend that you upgrade your ntp-server package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ntp | eq | 1:4.2.0a+stable-2 |
References
Related
nessus
nessus
Debian DSA-801-1 : ntp - programming error
2005-09-06 00:00:00
Ubuntu 4.10 : ntp vulnerability (USN-175-1)
2006-01-15 00:00:00
debiancve
debiancve
CVE-2005-2496
2005-09-02 17:03:00
centos
centos
ntp security update
2006-08-24 00:24:36
ubuntucve
ubuntucve
CVE-2005-2496
2005-09-02 00:00:00
debian
debian
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
[SECURITY] [DSA 801-1] New ntp packages fix group id confusion
2005-09-05 09:58:35
redhat
redhat
(RHSA-2006:0393) ntp security update
2006-08-10 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-801-1)
2008-01-17 00:00:00
NTPd <= 4.2.0 Privilege Escalation Vulnerability
2021-07-07 00:00:00
Ubuntu: Security Advisory (USN-175-1)
2022-08-26 00:00:00
cvelist
cvelist
CVE-2005-2496
2005-09-02 04:00:00
cve
cve
CVE-2005-2496
2005-09-02 17:03:00
nvd
nvd
CVE-2005-2496
2005-09-02 17:03:00
ubuntu
ubuntu
ntp server vulnerability
2005-09-02 00:00:00