CVE-2004-0148

Severity

72%

Complexity

39%

Confidentiality

165%

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

SGI ProPack

First reported 20 years ago

2004-04-15 04:00:00

Last updated 6 years ago

2018-05-03 01:29:00

Affected Software

SGI ProPack 2.3

2.3

SGI ProPack 2.4

2.4

References

SSRT4704

11055

20168

102356

DSA-457

Patch, Vendor Advisory

ADV-2006-1867

RHSA-2004:096

Patch, Vendor Advisory

9832

Patch, Vendor Advisory

wuftpd-restrictedgid-gain-access(15423)

oval:org.mitre.oval:def:1147

oval:org.mitre.oval:def:1636

oval:org.mitre.oval:def:1637

oval:org.mitre.oval:def:648

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.