Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0395HistoryDec 06, 2004 - 5:00 a.m.
CVE-2004-0395
2004-12-0605:00:00
Debian Security Bug Tracker
security-tracker.debian.org
5
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | gatos | < 0.0.5-12 | gatos_0.0.5-12_all.deb |
| Debian | 11 | all | gatos | < 0.0.5-12 | gatos_0.0.5-12_all.deb |
| Debian | 10 | all | gatos | < 0.0.5-12 | gatos_0.0.5-12_all.deb |
Related
nessus
nessus
Debian DSA-509-1 : gatos - privilege escalation
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 509-1 (gatos)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-509)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-0395
2004-12-06 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 509-1] New gatos packages fix privilege escalation
2004-05-31 00:00:00
debian
debian
[SECURITY] [DSA 509-1] New gatos packages fix privilege escalation
2004-05-29 20:22:35
osv
osv
gatos - privilege escalation
2004-05-29 00:00:00
cve
cve
CVE-2004-0395
2004-12-06 05:00:00
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Related for DEBIANCVE:CVE-2004-0395