Unrated severityNVD Advisory· Published Jul 12, 2012· Updated Apr 29, 2026
CVE-2012-2653
CVE-2012-2653
Description
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
Affected products
1- cpe:2.3:a:lawrence_berkeley_national_laboratory:arpwatch:2.1a15:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- lists.fedoraproject.org/pipermail/package-announce/2012-June/082553.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2012-June/082565.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2012-June/082569.htmlnvd
- www.debian.org/security/2012/dsa-2481nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2012/05/24/12nvd
- www.openwall.com/lists/oss-security/2012/05/24/13nvd
- www.openwall.com/lists/oss-security/2012/05/24/14nvd
- www.openwall.com/lists/oss-security/2012/05/25/5nvd
- security.gentoo.org/glsa/201607-16nvd
News mentions
0No linked articles in our index yet.