Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2021/07/07 12:0 a.m.27 views

NTPd <= 4.2.0 Privilege Escalation Vulnerability

NTPd is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription...

4.6CVSS6.7AI score0.00445EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/08/30 12:0 a.m.23 views

CentOS 4 : ntp (CESA-2006:0393)

Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a reference time source. The NTP daemon ntpd, when run with the...

4.6CVSS5.5AI score0.00445EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/08/14 12:0 a.m.27 views

RHEL 4 : ntp (RHSA-2006:0393)

Updated ntp packages that fix several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a reference time source. The NTP daemon ntpd, when run with the...

4.6CVSS5.5AI score0.00445EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.17 views

MDKSA-2005:156 : ntp

When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group. The updated packages have been patched to correct this problem. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associate...

6.4AI score0.00445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/09/17 12:0 a.m.33 views

Fedora Core 3 : ntp-4.2.0.a.20040617-5.FC3 (2005-812)

When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group. This problem is now fixed by this update. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2496 to this issue. Note tha...

4.6CVSS5.4AI score0.00445EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/09/06 12:0 a.m.26 views

Debian DSA-801-1 : ntp - programming error

SuSE developers discovered that ntp confuses the given group id with the group id of the given user when called with a group id on the commandline that is specified as a string and not as a numeric gid, which causes ntpd to run with different privileges than intended. %NASLMINLEVEL 70300 C Tenabl...

4.6CVSS5.4AI score0.00445EPSS
Exploits0References2
Debian
Debian
added 2005/09/05 9:58 a.m.20 views

[SECURITY] [DSA 801-1] New ntp packages fix group id confusion

-------------------------------------------------------------------------- Debian Security Advisory DSA 801-1 [email protected] http://www.debian.org/security/ Martin Schulze September 5th, 2005 http://www.debian.org/security/faq -...

4.6CVSS6AI score0.00445EPSS
Exploits0
NVD
NVD
added 2005/09/02 5:3 p.m.12 views

CVE-2005-2496

The xntpd ntp ntpd daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended...

4.6CVSS6.2AI score0.00445EPSS
Exploits0References12
OSV
OSV
added 2005/09/02 5:3 p.m.6 views

CVE-2005-2496

The xntpd ntp ntpd daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended...

6.3AI score
Exploits0References12
Cvelist
Cvelist
added 2005/09/02 4:0 a.m.27 views

CVE-2005-2496

The xntpd ntp ntpd daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended...

6.2AI score0.00445EPSS
Exploits0References12
CVE
CVE
added 2005/09/02 4:0 a.m.84 views

CVE-2005-2496

CVE-2005-2496 affects the ntp (ntpd) daemon when run with the -u option and a group name string; it causes ntpd to use the user’s group ID instead of the specified group, leading to privilege differences. Affected product is ntp/ntpd prior to the patched releases (e.g., ntp updates cited in RHSA-...

4.6CVSS6.2AI score0.00445EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder