CVE-2005-2496

Name of the Vulnerable Software and Affected Versions ntp versions prior to 4.2.0b ntp-server (affected versions not specified)

Description The issue affects the ntpd daemon, causing it to run with different privileges than intended when run with the -u option and using a string to specify the group. This is due to the daemon using the group ID of the user instead of the group. Additionally, multiple vulnerabilities in the ntp-server package may lead to breaches of confidentiality, integrity, and availability of protected information, potentially exploitable by a local attacker.

Recommendations For versions prior to 4.2.0b, update to version 4.2.0b or later to resolve the issue. At the moment, there is no information about a newer version that contains a fix for the ntp-server package vulnerability.