ID CVE-2006-2916
Summary artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Product is only vulnerable when running setuid root on Linux 2.6.0 or later versions. Vendor links provide patches for each affected version.
References
Vulnerable Configurations
  • cpe:2.3:a:kde:arts:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:kde:arts:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:kde:arts:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:kde:arts:1.2:*:*:*:*:*:*:*
CVSS
Base: 6.0 (as of 18-10-2018 - 16:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:H/Au:S/C:C/I:C/A:C
refmap via4
bid
  • 18429
  • 23697
bugtraq 20060615 rPSA-2006-0105-1 arts
confirm
gentoo
  • GLSA-200606-22
  • GLSA-200704-22
mandriva MDKSA-2006:107
mlist [beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1
osvdb 26506
sectrack 1016298
secunia
  • 20677
  • 20786
  • 20827
  • 20868
  • 20899
  • 25032
  • 25059
slackware SSA:2006-178-03
suse SUSE-SR:2006:015
vupen
  • ADV-2006-2357
  • ADV-2007-0409
xf arts-artwrapper-privilege-escalation(27221)
statements via4
contributor Mark J Cox
lastmodified 2006-08-16
organization Red Hat
statement Not vulnerable. We do not ship aRts as setuid root on Red Hat Enterprise Linux 2.1, 3, or 4.
Last major update 18-10-2018 - 16:43
Published 15-06-2006 - 10:02
Last modified 18-10-2018 - 16:43
Back to Top