Home > Vulnerability Database > CVE-2005-4352

Mend.io Vulnerability Database

CVE-2005-4352

Date: January 9, 2006

The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."

Severity Score

4.0

Related Resources (10)

Url: http://www.securityfocus.com/archive/1/421426/100/0/threaded

Url: http://www.redteam-pentesting.de/advisories/rt-sa-2005-16.txt

Url: http://secunia.com/advisories/25691

Url: http://www.securityfocus.com/archive/1/471457

Url: https://nvd.nist.gov/vuln/detail/CVE-2005-4352

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/24036

Url: http://securitytracker.com/id?1015454

Url: http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041178.html

Url: http://www.securityfocus.com/bid/16170

Url: https://www.mend.io/vulnerability-database/CVE-2005-4352

Severity Score

4.0

CVSS v3.1

Base Score:	4.0
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	2.1
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2005-4352

Date: January 9, 2006

Severity Score

Related Resources (10)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?