Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1615)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2026-1587)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2026-1097)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2026-1077)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1056)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1035)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : proftpd (EulerOS-SA-2025-2528)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2025-2507)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2025-2528)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

Security update for proftpd

This update for proftpd fixes the following issues: CVE-2024-57392: Fixed null pointer dereference vulnerability by sending a maliciously crafted message bsc1238143. CVE-2024-48651: Fixed supplemental group inheritance granting unintended access to GID 0 bsc1238141. Patch Instructions: To install...

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

UBUNTU-CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

samba incorrect primary group assignment for domain users using the rfc2307 or sfu winbind nss info plugin

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

DEBIAN-CVE-2007-4138

The Winbind nssinfo extension nsswitch/idmapad.c in idmapad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the 1 RFC2307 or 2 Services for UNIX SFU primary group attribute is not defined...

DEBIAN-CVE-2006-7094

ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...

KDE: /usr/bin/kdesud, gid = 0 exploit

/usr/bin/kdesud has DISPLAY enviroment variable overflow. tested on Mandrake 7.02 Air, exploit will get you gid=0 Shameless self promotion: Any security related job in Istanbul/Turkey ??? Respect, noir / KDE: /usr/bin/kdesud exploit by noir x86/Linux [email protected] | [email protected] DISPL...

Slackware Linux 3.5 - '/etc/group' Local Privilege Escalation

source: https://www.securityfocus.com/bid/155/info Due to the way /bin/login behaves when a /etc/group file is not present under Slackware's version of the password shadowing suite, users who log in while this file is not present will be given uid and gid 0. This will allow them unrestricted acce...