CVE-2005-4352

low

Description

The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24036

http://www.securityfocus.com/bid/16170

http://www.securityfocus.com/archive/1/471457

http://www.securityfocus.com/archive/1/421426/100/0/threaded

http://securitytracker.com/id?1015454

http://secunia.com/advisories/25691

Details

Source: Mitre, NVD

Published: 2005-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

EPSS

EPSS: 0.00106