Lucene search
HistoryMar 22, 2006 - 11:00 a.m.
CVE-2005-4347
linux
kernel
patch
vserver
debian
gnu/linux
chroot
barrier
util-vserver
security vulnerability
cve-2005-4347
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.6%
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the “chroot barrier” with util-vserver, which allows attackers to access files on the host system that are outside of the vserver.
Affected configurations
Node
debiankernel-patch-vserverRange<1.9.5.5
ORdebiankernel-patch-vserverRange2.0–2.2
ORdebiandebian_linuxMatch3.0
ORdebiandebian_linuxMatch3.1
Related
nvd
nvd
CVE-2005-4347
2005-12-31 05:00:00
cvelist
cvelist
CVE-2005-4347
2006-03-22 11:00:00
ubuntucve
ubuntucve
CVE-2005-4347
2005-12-31 00:00:00
debiancve
debiancve
CVE-2005-4347
2006-03-22 11:00:00
openvas
openvas
Debian: Security Advisory (DSA-1011-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1011-1 (kernel-patch-vserver, util-vserver)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1011-1 : kernel-patch-vserver - missing attribute support
2006-10-14 00:00:00
debian
debian
[SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit
2006-03-21 06:53:32
[SECURITY] [DSA 1011-1] New kernel-patch-vserver packages fix root exploit
2006-03-21 06:53:32
osv
osv
kernel-patch-server, util-vserver - missing attribute support
2005-03-21 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.6%
Related for CVE-2005-4347