Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2006-2916

Published: 15/06/2006 Updated: 21/01/2024
CVSS v2 Base Score: 6 | Impact Score: 10 | Exploitability Score: 1.5
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 534
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Subscribe to Kde

Vulnerability Summary

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

Vulnerable Product Search on Vulmon Subscribe to Product

kde arts 1.0

kde arts 1.2

Vendor Advisories

Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: artswrapper in aRts, when running setuid root on Linux 260 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges ...

References

CWE-273http://www.kde.org/info/security/advisory-20060614-2.txthttp://dot.kde.org/1150310128/http://www.securityfocus.com/bid/18429http://securitytracker.com/id?1016298http://secunia.com/advisories/20677http://www.osvdb.org/26506http://www.gentoo.org/security/en/glsa/glsa-200606-22.xmlhttp://secunia.com/advisories/20827http://secunia.com/advisories/20786http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256http://secunia.com/advisories/20868http://www.novell.com/linux/security/advisories/2006_38_security.htmlhttp://secunia.com/advisories/20899http://mail.gnome.org/archives/beast/2006-December/msg00025.htmlhttp://security.gentoo.org/glsa/glsa-200704-22.xmlhttp://www.securityfocus.com/bid/23697http://secunia.com/advisories/25032http://secunia.com/advisories/25059http://www.mandriva.com/security/advisories?name=MDKSA-2006:107http://www.vupen.com/english/advisories/2007/0409http://www.vupen.com/english/advisories/2006/2357https://exchange.xforce.ibmcloud.com/vulnerabilities/27221http://www.securityfocus.com/archive/1/437362/100/0/threadedhttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2006-2916
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook