CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3254

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1730%
EPSS Percentile28.72th
PublishedOct 18, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems.

Affected Platforms (CPE)

πŸ“¦
Nathan Neulinger

Cgiwrap

= 1.0
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.0
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.1
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.2
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.3
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.4
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.5
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.6
πŸ“¦
Nathan Neulinger

Cgiwrap

= 2.7
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.0
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.1
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.2
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.3
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.4
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.5
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6.1
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6.2
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6.3
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6.4
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.6.5
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.7
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.7.1
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.8
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.11
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.21
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.22
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.23
πŸ“¦
Nathan Neulinger

Cgiwrap

= 3.24

References & Advisories

πŸ”— http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html
πŸ”— http://lists.alioth.debian.org/pipermail/secure-testing-announce/2005-August/000003.html

Related Vulnerabilities

CVE-2000-04317.5

Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which a...

CVE-2001-09877.5

Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clie...

CVE-2005-32555.0

The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web documen...

CVE-2006-07675.0

CGIWrap before 3.10 allows remote attackers to obtain sensitive information via unknown attack vectors that cause errors in script...