{"enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2017-04-28T13:20:18", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3254"]}], "modified": "2017-04-28T13:20:18", "rev": 2}, "vulnersScore": 6.4}, "bulletinFamily": "software", "affectedSoftware": [], "references": [], "href": "https://vulners.com/osvdb/OSVDB:21579", "id": "OSVDB:21579", "title": "CGIWrap on Debian UID Mismatch Privilege Escalation", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "lastseen": "2017-04-28T13:20:18", "edition": 1, "reporter": "OSVDB", "description": "# No description provided by the source\n\n## References:\nMail List Post: http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html\n[CVE-2005-3254](https://vulners.com/cve/CVE-2005-3254)\n", "modified": "2005-08-28T16:20:08", "viewCount": 1, "published": "2005-08-28T16:20:08", "cvelist": ["CVE-2005-3254"]}

{"cve": [{"lastseen": "2020-10-03T11:34:56", "description": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.", "edition": 3, "cvss3": {}, "published": "2005-10-18T21:02:00", "title": "CVE-2005-3254", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3254"], "modified": "2008-09-05T20:53:00", "cpe": ["cpe:/a:nathan_neulinger:cgiwrap:3.8", "cpe:/a:nathan_neulinger:cgiwrap:3.3", "cpe:/a:nathan_neulinger:cgiwrap:3.22", "cpe:/a:nathan_neulinger:cgiwrap:3.5", "cpe:/a:nathan_neulinger:cgiwrap:3.6.4", "cpe:/a:nathan_neulinger:cgiwrap:3.4", "cpe:/a:nathan_neulinger:cgiwrap:2.3", "cpe:/a:nathan_neulinger:cgiwrap:3.6.2", "cpe:/a:nathan_neulinger:cgiwrap:3.6.3", "cpe:/a:nathan_neulinger:cgiwrap:3.7.1", "cpe:/a:nathan_neulinger:cgiwrap:2.7", "cpe:/a:nathan_neulinger:cgiwrap:3.21", "cpe:/a:nathan_neulinger:cgiwrap:3.24", "cpe:/a:nathan_neulinger:cgiwrap:2.2", "cpe:/a:nathan_neulinger:cgiwrap:2.4", "cpe:/a:nathan_neulinger:cgiwrap:3.6.5", "cpe:/a:nathan_neulinger:cgiwrap:3.7", "cpe:/a:nathan_neulinger:cgiwrap:3.6", "cpe:/a:nathan_neulinger:cgiwrap:2.1", "cpe:/a:nathan_neulinger:cgiwrap:1.0", "cpe:/a:nathan_neulinger:cgiwrap:3.11", "cpe:/a:nathan_neulinger:cgiwrap:3.6.1", "cpe:/a:nathan_neulinger:cgiwrap:3.1", "cpe:/a:nathan_neulinger:cgiwrap:3.0", "cpe:/a:nathan_neulinger:cgiwrap:2.0", "cpe:/a:nathan_neulinger:cgiwrap:3.23", "cpe:/a:nathan_neulinger:cgiwrap:2.6", "cpe:/a:nathan_neulinger:cgiwrap:2.5", "cpe:/a:nathan_neulinger:cgiwrap:3.2"], "id": "CVE-2005-3254", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3254", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:nathan_neulinger:cgiwrap:2.4:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.2:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.0:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.1:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:1.0:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.1:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.21:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.7:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.11:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.22:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.23:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.0:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.5:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.3:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.2:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.3:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.5:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.2:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.4:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.4:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7.1:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:2.6:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.1:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.3:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.8:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7:*:debian_gnu_linux:*:*:*:*:*", "cpe:2.3:a:nathan_neulinger:cgiwrap:3.24:*:debian_gnu_linux:*:*:*:*:*"]}]}