Vulnerability Name: CVE-2006-4447 (CCN-29832)
Assigned: 2006-06-20
Published: 2006-06-20
Updated: 2011-03-08
Summary: X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, do not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
Source: MITRE Type: CNA CVE-2006-4447
Source: CCN Type: X.Org Mailing List, Tue Jun 20 05:20:19 PDT 2006 X.Org security advisory: setuid return value check problems
Source: MLIST Type: Patch [xorg] 20060620 X.Org security advisory: setuid return value check problems
Source: CCN Type: BEAST-ANNOUNCE Mailing List, Thu, 28 Dec 2006 01:32:27 +0100 (CET) ANNOUNCE: BEAST/BSE v0.7.1
Source: MLIST Type: UNKNOWN [beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1
Source: CCN Type: SA21650 X.Org X11 setuid Security Issues
Source: SECUNIA Type: Patch, Vendor Advisory 21650
Source: SECUNIA Type: UNKNOWN 21660
Source: SECUNIA Type: UNKNOWN 21693
Source: SECUNIA Type: UNKNOWN 22332
Source: CCN Type: SA25032 BEAST/BSE "seteuid()" and "setreuid()" Security Issue
Source: SECUNIA Type: UNKNOWN 25032
Source: SECUNIA Type: UNKNOWN 25059
Source: GENTOO Type: Patch, Vendor Advisory GLSA-200608-25
Source: GENTOO Type: UNKNOWN GLSA-200704-22
Source: DEBIAN Type: UNKNOWN DSA-1193
Source: DEBIAN Type: DSA-1193 xfree86 -- several vulnerabilities
Source: CCN Type: GLSA-200608-25 X.org and some X.org libraries: Local privilege escalations
Source: CCN Type: GLSA-200704-22 BEAST: Denial of Service
Source: CCN Type: US-CERT VU#300368 X.Org fails to check for setuid failure on Linux systems
Source: CERT-VN Type: US Government Resource VU#300368
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:160
Source: CCN Type: OSVDB ID: 28239 X.Org X Window System (X11) setuid() Failure Local Privilege Escalation
Source: BID Type: UNKNOWN 19742
Source: CCN Type: BID-19742 Multiple X.Org Products SetUID Local Privilege Escalation Vulnerability
Source: BID Type: UNKNOWN 23697
Source: CCN Type: BID-23697 Beast Resource Limit Local Denial Of Service Vulnerability
Source: VUPEN Type: UNKNOWN ADV-2006-3409
Source: VUPEN Type: UNKNOWN ADV-2007-0409
Source: XF Type: UNKNOWN xorg-setuid-privilege-escalation(29832)