Vulnerability Name: CVE-2006-2916 (CCN-27221)
Assigned: 2006-06-14
Published: 2006-06-14
Updated: 2018-10-18
Summary: artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Product is only vulnerable when running setuid root on Linux 2.6.0 or later versions. Vendor links provide patches for each affected version.
CVSS v3 Severity: 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 6.0 Medium (CVSS v2 Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
Source: CCN Type: BugTraq Mailing List, Thu Jun 15 2006 - 14:01:00 CDT rPSA-2006-0105-1 arts
Source: MITRE Type: CNA CVE-2006-2916
Source: CONFIRM Type: Patch http://dot.kde.org/1150310128/
Source: CCN Type: BEAST-ANNOUNCE Mailing List, Thu, 28 Dec 2006 01:32:27 +0100 (CET) ANNOUNCE: BEAST/BSE v0.7.1
Source: MLIST Type: UNKNOWN [beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1
Source: CCN Type: SA20677 aRts "artswrapper" Helper Application setuid Security Issue
Source: SECUNIA Type: Vendor Advisory 20677
Source: SECUNIA Type: Vendor Advisory 20786
Source: SECUNIA Type: Vendor Advisory 20827
Source: SECUNIA Type: Vendor Advisory 20868
Source: SECUNIA Type: Vendor Advisory 20899
Source: CCN Type: SA25032 BEAST/BSE "seteuid()" and "setreuid()" Security Issue
Source: SECUNIA Type: UNKNOWN 25032
Source: SECUNIA Type: UNKNOWN 25059
Source: GENTOO Type: UNKNOWN GLSA-200704-22
Source: CCN Type: SECTRACK ID: 1016298 Artswrapper setuid() Failure Lets Local Users Gain Root Privileges
Source: SECTRACK Type: UNKNOWN 1016298
Source: SLACKWARE Type: UNKNOWN SSA:2006-178-03
Source: CCN Type: aRts Web site aRts - analog realtime synthesizer
Source: CCN Type: GLSA-200606-22 aRts: Privilege escalation
Source: GENTOO Type: UNKNOWN GLSA-200606-22
Source: CCN Type: GLSA-200704-22 BEAST: Denial of Service
Source: CCN Type: aRts Security Advisory 2006-06-14 artswrapper setuid() return value checking vulnerability
Source: CONFIRM Type: Patch, Vendor Advisory http://www.kde.org/info/security/advisory-20060614-2.txt
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:107
Source: SUSE Type: UNKNOWN SUSE-SR:2006:015
Source: OSVDB Type: UNKNOWN 26506
Source: CCN Type: OSVDB ID: 26506 aRts artswrapper Helper Application Local Privilege Escalation
Source: BUGTRAQ Type: UNKNOWN 20060615 rPSA-2006-0105-1 arts
Source: BID Type: Patch 18429
Source: CCN Type: BID-18429 KDE ArtsWrapper Local Privilege Escalation Vulnerability
Source: BID Type: UNKNOWN 23697
Source: CCN Type: BID-23697 Beast Resource Limit Local Denial Of Service Vulnerability
Source: VUPEN Type: UNKNOWN ADV-2006-2357
Source: VUPEN Type: UNKNOWN ADV-2007-0409
Source: XF Type: UNKNOWN arts-artwrapper-privilege-escalation(27221)
Source: SUSE Type: SUSE-SR:2006:015 SUSE Security Summary Report
Vulnerable Configuration: Configuration 1: Denotes that component is vulnerable