CVE-2005-4347
MediumThe Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver.
CVSS 2.0 score
5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
References
The following references provide additional information about CVE-2005-4347 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
Third Party Advisory
-
Debian Securityhttp://www.debian.org/security/2006/dsa-1011Vendor Advisory
-
Third Party Advisory VDB Entry
Frequently asked questions
-
What is CVE-2005-4347?
CVE-2005-4347 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.0 out of 10 . CVE-2005-4347 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2005-4347?
CVE-2005-4347 has a CVSS score of 5.0 out of 10, rated Medium severity (CVSS 2.0). The vector string is
AV:N/AC:L/Au:N/C:P/I:N/A:N. -
Is there a patch available for CVE-2005-4347?
No patch is currently available for CVE-2005-4347. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2005-4347 actively exploited?
No — CVE-2005-4347 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.