Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2005-0205
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0205

2005-05-0204:00:00
[email protected]
web.nvd.nist.gov
29
kppp
kde 3.1.5
cve-2005-0205
information security
local privilege escalation
file descriptor vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.

Affected configurations

NVD
Node
bernd_wuebbenkpppMatch2.1.2
OR
kdekdeMatch3.1
OR
kdekdeMatch3.1.1
OR
kdekdeMatch3.1.2
OR
kdekdeMatch3.1.3
OR
kdekdeMatch3.1.4
OR
kdekdeMatch3.1.5

Related

redhat 1
openvas 2
cvelist 1
nvd 1
nessus 2
securityvulns 1
ubuntucve 1
debian 2
osv 1
redhat
redhat
(RHSA-2005:175) kdenetwork security update
2005-03-03 00:00:00
openvas
openvas
Debian Security Advisory DSA 692-1 (kdenetwork)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-692-1)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2005-0205
2005-02-28 05:00:00
nvd
nvd
CVE-2005-0205
2005-05-02 04:00:00
nessus
nessus
Debian DSA-692-1 : kdenetwork - design flaw
2005-03-09 00:00:00
RHEL 2.1 / 3 : kdenetwork (RHSA-2005:175)
2005-03-04 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 02.28.05: KPPP Privileged File Descriptor Leak Vulnerability
2005-02-28 00:00:00
ubuntucve
ubuntucve
CVE-2005-0205
2005-05-02 00:00:00
debian
debian
[SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak
2005-03-08 16:56:52
[SECURITY] [DSA 692-1] New kppp packages fix privileged file descriptor leak
2005-03-08 16:56:52
osv
osv
kppp - design flaw
2005-03-08 00:00:00

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2005-0205
redhat1openvas2cvelist1nvd1nessus2securityvulns1ubuntucve1debian2osv1