3 matches found
CVE-2006-7094
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...
CVE-2006-7094
CVE-2006-7094 affects ftpd used by Gentoo and Debian Linux. The root cause is that the daemon sets the group ID to the effective UID instead of the effective GID before executing /bin/ls, allowing remote authenticated users to list arbitrary directories with the privileges of gid 0 and potentiall...
CVE-2006-7094
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...