CVE-2004-0601
published 2004-12-23CVE-2004-0601: distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass…
PriorityP428high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
0.43%
63.0th percentile
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | distcc | < distcc 2.18.1-4 (bookworm) | distcc 2.18.1-4 (bookworm) |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | — | — |
| distcc | distcc | >= 0 < 2.18.1-4 | 2.18.1-4 |
| distcc | distcc | >= 0 < 2.18.1-4 | 2.18.1-4 |
| distcc | distcc | >= 0 < 2.18.1-4 | 2.18.1-4 |
| distcc | distcc | >= 0 < 2.18.1-4 | 2.18.1-4 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2004-0601: distcc - distcc before 2.16, when running on 64-bit platforms, does not interpret IP-base...
vendor_debian·2004·CVSS 7.5
CVE-2004-0601 [HIGH] CVE-2004-0601: distcc - distcc before 2.16, when running on 64-bit platforms, does not interpret IP-base...
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
Scope: local
bookworm: resolved (fixed in 2.18.1-4)
bullseye: resolved (fixed in 2.18.1-4)
forky: resolved (fixed in 2.18.1-4)
sid: resolved (fixed in 2.18.1-4)
trixie: resolved (fixed in 2.18.1-4)
GHSA
GHSA-vxrm-mh87-53gf: distcc before 2
ghsa_unreviewed·2022-04-29
CVE-2004-0601 [HIGH] GHSA-vxrm-mh87-53gf: distcc before 2
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
OSV
CVE-2004-0601: distcc before 2
osv·2004-12-23·CVSS 7.5
CVE-2004-0601 [HIGH] CVE-2004-0601: distcc before 2
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://distcc.samba.org/ftp/distcc/distcc-2.17.NEWShttp://secunia.com/advisories/12711/http://www.securityfocus.com/bid/11319https://exchange.xforce.ibmcloud.com/vulnerabilities/17581http://distcc.samba.org/ftp/distcc/distcc-2.17.NEWShttp://secunia.com/advisories/12711/http://www.securityfocus.com/bid/11319https://exchange.xforce.ibmcloud.com/vulnerabilities/17581
2004-12-23
Published