{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-10-18T04:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3254", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities", "refsource": "MLIST", "url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:01:59.072Z"}, "title": "CVE Program Container", "references": [{"name": "[secure-testing-announce] 20050828 [DTSA-6-1] New cgiwrap packages fix multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3254", "datePublished": "2005-10-18T04:00:00.000Z", "dateReserved": "2005-10-18T00:00:00.000Z", "dateUpdated": "2024-09-17T02:20:34.155Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:1.0:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "210D4507-0674-4CE8-B5E5-2968EBBD812A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.0:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "2C7E6FC7-B662-4EAD-BB70-4D0B71FC227B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.1:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "41C1A717-D4C5-4B13-B854-4876390FFE56", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.2:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "066CB342-3253-474E-BB68-3087DC25D4B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.3:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "A4E0DCAA-DD68-4F96-8FB5-93B50DEBCBAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.4:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "65B98F5D-BFCB-4D40-90E2-ADCB3DD01C41", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.5:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "34C675A3-DC2A-4B42-AC92-B360C5D9B24F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.6:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "F4DC500E-517C-4835-AC40-44982E465AB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:2.7:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "B3CD3A7F-825D-41DF-92FF-A60A33AC8B4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.0:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "EAF0C607-C08F-4D04-8ACE-2796AB369DF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.1:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "92229934-F6EF-469D-ADE1-7901BBD2252B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.2:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "90D1310E-824E-4C2A-AAE7-D0C9D27DA8C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.3:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "DF999CEA-56D2-464D-A6E0-A1972C2D0317", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.4:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "149D3D64-6B9B-4AC9-95F8-592BF2BE0349", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.5:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "FD972D61-0392-4EB3-9469-ACBBCF2637C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "90A7D13C-F694-4D4B-9B58-9DE68317C136", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.1:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "5EDF950B-043C-485F-A08E-DCF81EC931FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.2:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "384E9435-030F-43BC-9455-301F574CF663", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.3:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "1198FF43-4566-41B9-9297-D58323A64369", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.4:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "BFF334A9-3D51-4922-BCE1-D26F65899D69", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.6.5:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "467E03EB-EB96-466E-A960-072BCACFEF70", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "CF5DDD4C-B253-47EA-A7CC-2B4674903CDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.7.1:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "59515C6D-1B84-4D2C-9C9B-C2DC0DC8DAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.8:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "7C272EA2-B65C-4F16-BACF-B7717319EC3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.11:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "CF865B2C-9643-4690-BF2F-57F21522AD11", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.21:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "F41C0839-B0B7-4BC7-A44B-F08A1649EB64", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.22:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "6831B987-BF5B-4555-825A-AF56C4EEC182", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.23:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "1CF0C54A-7D2E-45B2-97DD-F486D62F2E4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nathan_neulinger:cgiwrap:3.24:*:debian_gnu_linux:*:*:*:*:*", "matchCriteriaId": "05CFE913-3AA0-4B73-9A37-B449E6A4162D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems."}], "id": "CVE-2005-3254", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-10-18T21:02:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}