Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2004-0793

The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.

PublishedOct 20, 2004, 04:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://marc.info/?l=bugtraq&m=109396230317359&w=2
http://www.securityfocus.com/bid/11077
https://exchange.xforce.ibmcloud.com/vulnerabilities/17162

Weakness Type

CWE-264

CVSS Metrics

Base Score

7.2

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C

Base SeverityUnknown

Version

2.0

Attack Vector (AV)