Unrated severityNVD Advisory· Published Nov 21, 2006· Updated Apr 23, 2026

CVE-2006-6008

Description

ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778.

Affected products

Netkit/Netkit
cpe:2.3:a:netkit:netkit:0.17:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/cgi-bin/bugreport.cginvdPatch
bugs.gentoo.org/show_bug.cginvdPatch
ftp.debian.org/debian/pool/main/l/linux-ftpd/linux-ftpd_0.17-22.diff.gznvdPatch
secunia.com/advisories/22816nvdPatchVendor Advisory
secunia.com/advisories/22853nvdPatchVendor Advisory
www.gentoo.org/security/en/glsa/glsa-200611-05.xmlnvdPatchVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000