CVE-2005-2496 - OpenCVE

The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Dave Mills	Ntpd

Configuration 1 [-]

cpe:2.3:a:dave_mills:ntpd:*:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/16602	Vendor Advisory
http://secunia.com/advisories/21464
http://securitytracker.com/id?1016679
http://www.debian.org/security/2005/dsa-801
http://www.mandriva.com/security/advisories?name=MDKSA-2005:156
http://www.osvdb.org/19055
http://www.redhat.com/support/errata/RHSA-2006-0393.html
http://www.securityfocus.com/bid/14673
http://www.securityspace.com/smysecure/catid.html?id=55155	Vendor Advisory
http://www.vupen.com/english/advisories/2005/1561
https://exchange.xforce.ibmcloud.com/vulnerabilities/22035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2005-09-02T04:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2005-08-08T00:00:00

Link: CVE-2005-2496

JSON object: View

NVD Information

Status : Modified

Published: 2005-09-02T17:03:00.000

Modified: 2017-10-11T01:30:17.687

Link: CVE-2005-2496

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-09-02T00:00:00", "descriptions": [{"lang": "en", "value": "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "14673", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14673"}, {"name": "RHSA-2006:0393", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"}, {"name": "FEDORA-2005-812", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.securityspace.com/smysecure/catid.html?id=55155"}, {"name": "19055", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/19055"}, {"name": "21464", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21464"}, {"name": "1016679", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016679"}, {"name": "16602", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16602"}, {"name": "ADV-2005-1561", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/1561"}, {"name": "MDKSA-2005:156", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"}, {"name": "ntp-incorrect-group-permissions(22035)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"}, {"name": "DSA-801", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2005/dsa-801"}, {"name": "oval:org.mitre.oval:def:9669", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-2496", "datePublished": "2005-09-02T04:00:00", "dateReserved": "2005-08-08T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dave_mills:ntpd:*:*:*:*:*:*:*:*", "matchCriteriaId": "15B98E7B-989D-4677-90A2-0314EFBCB45E", "versionEndIncluding": "4.2.0.a.2004-06-17_4.fc3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended."}], "id": "CVE-2005-2496", "lastModified": "2017-10-11T01:30:17.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-09-02T17:03:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/16602"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21464"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1016679"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-801"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/19055"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/14673"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.securityspace.com/smysecure/catid.html?id=55155"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/1561"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}