CVE-2005-4532 - OpenCVE

scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Scponly	Scponly

Configuration 1 [-]

OR	cpe:2.3:a:scponly:scponly:3.1:::::::*
	cpe:2.3:a:scponly:scponly:3.2:::::::*
	cpe:2.3:a:scponly:scponly:3.3:::::::*
	cpe:2.3:a:scponly:scponly:3.4:::::::*
	cpe:2.3:a:scponly:scponly:3.6:::::::*
	cpe:2.3:a:scponly:scponly:3.7:::::::*
	cpe:2.3:a:scponly:scponly:3.8:::::::*
	cpe:2.3:a:scponly:scponly:3.9:::::::*
	cpe:2.3:a:scponly:scponly:3.11:::::::*
	cpe:2.3:a:scponly:scponly:4.0:::::::*
	cpe:2.3:a:scponly:scponly:4.1:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/18223
http://secunia.com/advisories/18236
http://secunia.com/advisories/18829
http://sublimation.org/scponly/#relnotes
http://www.debian.org/security/2006/dsa-969
http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml
http://www.securityfocus.com/bid/16051
https://exchange.xforce.ibmcloud.com/vulnerabilities/23874

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-12-28T01:00:00

Updated: 2024-08-07T23:46:05.538Z

Reserved: 2005-12-28T00:00:00

Link: CVE-2005-4532

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-12-28T01:03:00.000

Modified: 2017-07-20T01:29:17.253

Link: CVE-2005-4532

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-23T00:00:00", "descriptions": [{"lang": "en", "value": "scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "18223", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18223"}, {"name": "16051", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16051"}, {"name": "18236", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18236"}, {"name": "DSA-969", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-969"}, {"name": "18829", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18829"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sublimation.org/scponly/#relnotes"}, {"name": "GLSA-200512-17", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml"}, {"name": "scponly-scponlyc-privilege-escalation(23874)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23874"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4532", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "18223", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18223"}, {"name": "16051", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16051"}, {"name": "18236", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18236"}, {"name": "DSA-969", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-969"}, {"name": "18829", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18829"}, {"name": "http://sublimation.org/scponly/#relnotes", "refsource": "CONFIRM", "url": "http://sublimation.org/scponly/#relnotes"}, {"name": "GLSA-200512-17", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml"}, {"name": "scponly-scponlyc-privilege-escalation(23874)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23874"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:46:05.538Z"}, "title": "CVE Program Container", "references": [{"name": "18223", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18223"}, {"name": "16051", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16051"}, {"name": "18236", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18236"}, {"name": "DSA-969", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-969"}, {"name": "18829", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18829"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sublimation.org/scponly/#relnotes"}, {"name": "GLSA-200512-17", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml"}, {"name": "scponly-scponlyc-privilege-escalation(23874)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23874"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-4532", "datePublished": "2005-12-28T01:00:00", "dateReserved": "2005-12-28T00:00:00", "dateUpdated": "2024-08-07T23:46:05.538Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:scponly:scponly:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "54CA4642-65F9-459B-A89A-DEC2D375E6B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8191863F-F89D-41E8-91F8-8FC1D3EB25D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7770880B-A0E2-49C8-A9BB-D217A6956400", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "633BCC6F-3E3E-43F9-B7B6-E83BCB4D5048", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "BDBF494D-6888-4A67-9E91-B7844C3FCD7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "CCDEA7D6-EB9E-465A-BA6B-E1584A413544", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B37D1F24-B45D-4217-972E-61BED886275A", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "71D3E1C8-ADCB-4A5F-8078-66942E36DF6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "190FB980-F17F-43A9-8DA4-B2A99E29DF3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4AF8092-4E2B-474C-9B5D-1252A2A3624C", "vulnerable": true}, {"criteria": "cpe:2.3:a:scponly:scponly:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "298502A9-5E53-4CBE-BCCA-6D86EFDD3BF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application."}], "id": "CVE-2005-4532", "lastModified": "2017-07-20T01:29:17.253", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-28T01:03:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18223"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/18236"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/18829"}, {"source": "cve@mitre.org", "url": "http://sublimation.org/scponly/#relnotes"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-969"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200512-17.xml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16051"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23874"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}