ID CVE-2006-4124
Summary The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
References
Vulnerable Configurations
  • cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*
  • cpe:2.3:a:lesstif:lesstif:*:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 19-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 19430
exploit-db 2144
misc http://karol.wiesek.pl/files/lesstif-advisory.pdf
secunia 21428
vupen ADV-2006-3230
xf lestif-libxm-privilege-escalation(28298)
statements via4
contributor Mark J Cox
lastmodified 2006-08-16
organization Red Hat
statement LessTif is shipped with Red Hat Enterprise Linux 2.1 but not 3 or 4. On Enterprise Linux 2.1 we build LessTif with debugging disabled, so the DEBUG_FILE environment variable is ignored and this issue cannot be exploited.
Last major update 19-10-2017 - 01:29
Published 14-08-2006 - 23:04
Last modified 19-10-2017 - 01:29