CVE-2004-0793

The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:bsdmainutils:6.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.9:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.10:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.11:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.12:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.13:*:*:*:*:*:*:*
cpe:2.3:a:debian:bsdmainutils:6.0.14:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-10-20 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2004-0793

Mitre link : CVE-2004-0793

CVE.ORG link : CVE-2004-0793


JSON object : View

Products Affected

debian

  • bsdmainutils
CWE
CWE-264

Permissions, Privileges, and Access Controls