Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by dave_mills
CVE-2005-2496 (GCVE-0-2005-2496)
Vulnerability from nvd – Published: 2005-09-02 04:00 – Updated: 2024-08-07 22:30
VLAI
Summary
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/14673 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2006-03… | vendor-advisoryx_refsource_REDHAT |
| http://www.securityspace.com/smysecure/catid.html… | vendor-advisoryx_refsource_FEDORA |
| http://www.osvdb.org/19055 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21464 | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/id?1016679 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/16602 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2005/1561 | vdb-entryx_refsource_VUPEN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.debian.org/security/2005/dsa-801 | vendor-advisoryx_refsource_DEBIAN |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2005-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14673",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14673"
},
{
"name": "RHSA-2006:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"
},
{
"name": "FEDORA-2005-812",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityspace.com/smysecure/catid.html?id=55155"
},
{
"name": "19055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19055"
},
{
"name": "21464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21464"
},
{
"name": "1016679",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016679"
},
{
"name": "16602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16602"
},
{
"name": "ADV-2005-1561",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1561"
},
{
"name": "MDKSA-2005:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"
},
{
"name": "ntp-incorrect-group-permissions(22035)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"
},
{
"name": "DSA-801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-801"
},
{
"name": "oval:org.mitre.oval:def:9669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "14673",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14673"
},
{
"name": "RHSA-2006:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"
},
{
"name": "FEDORA-2005-812",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityspace.com/smysecure/catid.html?id=55155"
},
{
"name": "19055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19055"
},
{
"name": "21464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21464"
},
{
"name": "1016679",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016679"
},
{
"name": "16602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16602"
},
{
"name": "ADV-2005-1561",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1561"
},
{
"name": "MDKSA-2005:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"
},
{
"name": "ntp-incorrect-group-permissions(22035)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"
},
{
"name": "DSA-801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-801"
},
{
"name": "oval:org.mitre.oval:def:9669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2496",
"datePublished": "2005-09-02T04:00:00.000Z",
"dateReserved": "2005-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0414 (GCVE-0-2001-0414)
Vulnerability from nvd – Published: 2001-09-18 04:00 – Updated: 2024-08-08 04:21
VLAI
Summary
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2001-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:37.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"refsource": "SUSE",
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0414",
"datePublished": "2001-09-18T04:00:00.000Z",
"dateReserved": "2001-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:21:37.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2496 (GCVE-0-2005-2496)
Vulnerability from cvelistv5 – Published: 2005-09-02 04:00 – Updated: 2024-08-07 22:30
VLAI
Summary
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/14673 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2006-03… | vendor-advisoryx_refsource_REDHAT |
| http://www.securityspace.com/smysecure/catid.html… | vendor-advisoryx_refsource_FEDORA |
| http://www.osvdb.org/19055 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21464 | third-party-advisoryx_refsource_SECUNIA |
| http://securitytracker.com/id?1016679 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/16602 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2005/1561 | vdb-entryx_refsource_VUPEN |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.debian.org/security/2005/dsa-801 | vendor-advisoryx_refsource_DEBIAN |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2005-09-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14673",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14673"
},
{
"name": "RHSA-2006:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"
},
{
"name": "FEDORA-2005-812",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityspace.com/smysecure/catid.html?id=55155"
},
{
"name": "19055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19055"
},
{
"name": "21464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21464"
},
{
"name": "1016679",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016679"
},
{
"name": "16602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16602"
},
{
"name": "ADV-2005-1561",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1561"
},
{
"name": "MDKSA-2005:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"
},
{
"name": "ntp-incorrect-group-permissions(22035)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"
},
{
"name": "DSA-801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-801"
},
{
"name": "oval:org.mitre.oval:def:9669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-09-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "14673",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14673"
},
{
"name": "RHSA-2006:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html"
},
{
"name": "FEDORA-2005-812",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityspace.com/smysecure/catid.html?id=55155"
},
{
"name": "19055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19055"
},
{
"name": "21464",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21464"
},
{
"name": "1016679",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016679"
},
{
"name": "16602",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16602"
},
{
"name": "ADV-2005-1561",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1561"
},
{
"name": "MDKSA-2005:156",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156"
},
{
"name": "ntp-incorrect-group-permissions(22035)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035"
},
{
"name": "DSA-801",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-801"
},
{
"name": "oval:org.mitre.oval:def:9669",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-2496",
"datePublished": "2005-09-02T04:00:00.000Z",
"dateReserved": "2005-08-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:30:01.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0414 (GCVE-0-2001-0414)
Vulnerability from cvelistv5 – Published: 2001-09-18 04:00 – Updated: 2024-08-08 04:21
VLAI
Summary
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
24 references
Date Public
2001-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:21:37.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-045.html"
},
{
"name": "SuSE-SA:2001:10",
"refsource": "SUSE",
"url": "http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html"
},
{
"name": "20010409 [ESA-20010409-01] xntp buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html"
},
{
"name": "20010409 ntp-4.99k23.tar.gz is available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98683952401753\u0026w=2"
},
{
"name": "SSE073",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/SSE/sse073.ltr"
},
{
"name": "MDKSA-2001:036",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3"
},
{
"name": "NetBSD-SA2001-004",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc"
},
{
"name": "SSE074",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/SSE/sse074.ltr"
},
{
"name": "20010404 ntpd =\u003c 4.0.99k remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98642418618512\u0026w=2"
},
{
"name": "CLA-2001:392",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000392"
},
{
"name": "805",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/805"
},
{
"name": "20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98684532921941\u0026w=2"
},
{
"name": "2540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2540"
},
{
"name": "oval:org.mitre.oval:def:3831",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831"
},
{
"name": "20010406 Immunix OS Security update for ntp and xntp3",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98659782815613\u0026w=2"
},
{
"name": "20010405 Re: ntpd =\u003c 4.0.99k remote buffer overflow]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98654963328381\u0026w=2"
},
{
"name": "20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html"
},
{
"name": "20010408 [slackware-security] buffer overflow fix for NTP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98679815917014\u0026w=2"
},
{
"name": "20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html"
},
{
"name": "FreeBSD-SA-01:31",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc"
},
{
"name": "20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98684202610470\u0026w=2"
},
{
"name": "DSA-045",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2001/dsa-045"
},
{
"name": "ntpd-remote-bo(6321)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6321"
},
{
"name": "CSSA-2001-013",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0414",
"datePublished": "2001-09-18T04:00:00.000Z",
"dateReserved": "2001-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:21:37.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}