CVE-2004-0148
published 2004-04-15CVE-2004-0148: wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent…
PriorityP420high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.44%
35.3th percentile
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sgi | propack | — | — |
| sgi | propack | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
| washington_university | wu-ftpd | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
cscope: multiple buffer overflows
vendor_redhat·2009-04-30·CVSS 6.9
CVE-2009-0148 [MEDIUM] cscope: multiple buffer overflows
cscope: multiple buffer overflows
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541.
Red Hat
security flaw
vendor_redhat·2004-03-08·CVSS 7.2
CVE-2004-0148 [HIGH] security flaw
security flaw
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
GHSA
GHSA-878w-8w5v-4v3j: wu-ftpd 2
ghsa_unreviewed·2022-04-29
CVE-2004-0148 [HIGH] GHSA-878w-8w5v-4v3j: wu-ftpd 2
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-0148 security flaw
bugzilla·2018-08-16·CVSS 7.2
CVE-2004-0148 [HIGH] CVE-2004-0148 security flaw
CVE-2004-0148 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Bugzilla
CVE-2004-2541, CVE-2009-0148 cscope: multiple buffer overflows
bugzilla·2009-03-17·CVSS 6.9
CVE-2004-2541 [MEDIUM] CVE-2004-2541, CVE-2009-0148 cscope: multiple buffer overflows
CVE-2004-2541, CVE-2009-0148 cscope: multiple buffer overflows
Apple Security Team reported multiple buffer overflows in cscope, caused by insecure sprintf usage. Processing a maliciously crafted source file with cscope may lead to an unexpected application termination or arbitrary code execution.
Discussion:
Fixed upstream in 15.7a:
http://sourceforge.net/forum/forum.php?forum_id=947983
Upstream commits:
http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015K-TN%40ddv4jf1.ch3.sourceforge.com&forum_name=cscope-cvs
http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015C-TN%40ddv4jf1.ch3.sourceforge.com&forum_name=cscope-cvs
---
This CVE is duplicate / re-occurrence of old issue CVE-2004-2541:
Buffer overflow in Cscope 15.5, and possibly multiple overfl
http://marc.info/?l=bugtraq&m=108999466902690&w=2http://secunia.com/advisories/11055http://secunia.com/advisories/20168http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1http://www.debian.org/security/2004/dsa-457http://www.frsirt.com/english/advisories/2006/1867http://www.redhat.com/support/errata/RHSA-2004-096.htmlhttp://www.securityfocus.com/bid/9832https://exchange.xforce.ibmcloud.com/vulnerabilities/15423https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648http://marc.info/?l=bugtraq&m=108999466902690&w=2http://secunia.com/advisories/11055http://secunia.com/advisories/20168http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1http://www.debian.org/security/2004/dsa-457http://www.frsirt.com/english/advisories/2006/1867http://www.redhat.com/support/errata/RHSA-2004-096.htmlhttp://www.securityfocus.com/bid/9832https://exchange.xforce.ibmcloud.com/vulnerabilities/15423https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648
2004-04-15
Published