Back to search
CVE-2017-1000082
Published: Jul 7, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/systemd/systemd/issues/6237
x_refsource_CONFIRM
1038839
vdb-entry
x_refsource_SECTRACK
99507
vdb-entry
x_refsource_BID
[oss-security] 20170702 systemd fails to parse user that should run service
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now