VulnerableCode Package Details - pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1

Search for packages

Package details: pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1

Essentials
History (0)

purl	pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1
Tags	Ghost

Next non-vulnerable version	2:2.0-1+deb11u2
Latest non-vulnerable version	2:2.4-2+deb12u1
Risk	3.5

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-9gr8-b5j3-aaae Aliases: CVE-2023-40303	GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.	2:2.0-1+deb11u2 Affected by 0 other vulnerabilities. 2:2.4-2+deb12u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-9gr8-b5j3-aaae
Aliases:
CVE-2023-40303

GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.

2:2.0-1+deb11u2
Affected by 0 other vulnerabilities.

2:2.4-2+deb12u1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version