High severity7.8OSV Advisory· Published Mar 12, 2018· Updated Jun 17, 2026
CVE-2017-18225
CVE-2017-18225
Description
The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: jabberd-2.6.1
<=2.6.1+ 1 more
- (no CPE)range: <=2.6.1
- (no CPE)range: <=2.6.1
Patches
Vulnerability mechanics
References
1- bugs.gentoo.org/629412nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.