CVE-2005-2496

N/A Unknown

Published: September 02, 2005 Modified: April 16, 2026

Description

The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/16602

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/21464

Source: secalert@redhat.com

http://securitytracker.com/id?1016679

Source: secalert@redhat.com

http://www.debian.org/security/2005/dsa-801

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDKSA-2005:156

Source: secalert@redhat.com

http://www.osvdb.org/19055

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2006-0393.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/14673

Source: secalert@redhat.com

http://www.securityspace.com/smysecure/catid.html?id=55155

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2005/1561

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/22035

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669

Source: secalert@redhat.com

http://secunia.com/advisories/16602