CVE-2006-2916 (GCVE-0-2006-2916)

Vulnerability from cvelistv5 – Published: 2006-06-15 10:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.vupen.com/english/advisories/2006/2357 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/20899 third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/26506 vdb-entryx_refsource_OSVDB
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://securitytracker.com/id?1016298 vdb-entryx_refsource_SECTRACK
http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/20868 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/437362/100… mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/20786 third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200704-22.xml vendor-advisoryx_refsource_GENTOO
http://www.vupen.com/english/advisories/2007/0409 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/20677 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/23697 vdb-entryx_refsource_BID
http://secunia.com/advisories/25059 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/20827 third-party-advisoryx_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/25032 third-party-advisoryx_refsource_SECUNIA
http://www.kde.org/info/security/advisory-2006061… x_refsource_CONFIRM
http://mail.gnome.org/archives/beast/2006-Decembe… mailing-listx_refsource_MLIST
http://dot.kde.org/1150310128/ x_refsource_CONFIRM
http://www.securityfocus.com/bid/18429 vdb-entryx_refsource_BID
http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:06:27.206Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-2357",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2357"
          },
          {
            "name": "20899",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20899"
          },
          {
            "name": "26506",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26506"
          },
          {
            "name": "MDKSA-2006:107",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"
          },
          {
            "name": "1016298",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016298"
          },
          {
            "name": "GLSA-200606-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"
          },
          {
            "name": "20868",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20868"
          },
          {
            "name": "20060615 rPSA-2006-0105-1 arts",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/437362/100/0/threaded"
          },
          {
            "name": "20786",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20786"
          },
          {
            "name": "GLSA-200704-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
          },
          {
            "name": "ADV-2007-0409",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0409"
          },
          {
            "name": "20677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20677"
          },
          {
            "name": "23697",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23697"
          },
          {
            "name": "25059",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25059"
          },
          {
            "name": "arts-artwrapper-privilege-escalation(27221)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"
          },
          {
            "name": "20827",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20827"
          },
          {
            "name": "SUSE-SR:2006:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_38_security.html"
          },
          {
            "name": "25032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25032"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20060614-2.txt"
          },
          {
            "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dot.kde.org/1150310128/"
          },
          {
            "name": "18429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18429"
          },
          {
            "name": "SSA:2006-178-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-2357",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2357"
        },
        {
          "name": "20899",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20899"
        },
        {
          "name": "26506",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26506"
        },
        {
          "name": "MDKSA-2006:107",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"
        },
        {
          "name": "1016298",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016298"
        },
        {
          "name": "GLSA-200606-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"
        },
        {
          "name": "20868",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20868"
        },
        {
          "name": "20060615 rPSA-2006-0105-1 arts",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/437362/100/0/threaded"
        },
        {
          "name": "20786",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20786"
        },
        {
          "name": "GLSA-200704-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
        },
        {
          "name": "ADV-2007-0409",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0409"
        },
        {
          "name": "20677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20677"
        },
        {
          "name": "23697",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23697"
        },
        {
          "name": "25059",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25059"
        },
        {
          "name": "arts-artwrapper-privilege-escalation(27221)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"
        },
        {
          "name": "20827",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20827"
        },
        {
          "name": "SUSE-SR:2006:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_38_security.html"
        },
        {
          "name": "25032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25032"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20060614-2.txt"
        },
        {
          "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dot.kde.org/1150310128/"
        },
        {
          "name": "18429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18429"
        },
        {
          "name": "SSA:2006-178-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2916",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-2357",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2357"
            },
            {
              "name": "20899",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20899"
            },
            {
              "name": "26506",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26506"
            },
            {
              "name": "MDKSA-2006:107",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"
            },
            {
              "name": "1016298",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016298"
            },
            {
              "name": "GLSA-200606-22",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"
            },
            {
              "name": "20868",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20868"
            },
            {
              "name": "20060615 rPSA-2006-0105-1 arts",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/437362/100/0/threaded"
            },
            {
              "name": "20786",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20786"
            },
            {
              "name": "GLSA-200704-22",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
            },
            {
              "name": "ADV-2007-0409",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0409"
            },
            {
              "name": "20677",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20677"
            },
            {
              "name": "23697",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23697"
            },
            {
              "name": "25059",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25059"
            },
            {
              "name": "arts-artwrapper-privilege-escalation(27221)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"
            },
            {
              "name": "20827",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20827"
            },
            {
              "name": "SUSE-SR:2006:015",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2006_38_security.html"
            },
            {
              "name": "25032",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25032"
            },
            {
              "name": "http://www.kde.org/info/security/advisory-20060614-2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.kde.org/info/security/advisory-20060614-2.txt"
            },
            {
              "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
              "refsource": "MLIST",
              "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
            },
            {
              "name": "http://dot.kde.org/1150310128/",
              "refsource": "CONFIRM",
              "url": "http://dot.kde.org/1150310128/"
            },
            {
              "name": "18429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18429"
            },
            {
              "name": "SSA:2006-178-03",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-2916",
    "datePublished": "2006-06-15T10:00:00",
    "dateReserved": "2006-06-08T00:00:00",
    "dateUpdated": "2024-08-07T18:06:27.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-2916\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-06-15T10:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.\"},{\"lang\":\"es\",\"value\":\"artswrapper en aRts, cuando se ejecuta como root sobre linux 2.6.0 o versiones posteriores, no valida la variable setuid de retorno de la llamada  a la funci\u00f3n, lo que permite a usuarios locales ganar privilegios de root al provocar un fallo sobre setuid.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":6.0,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":1.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-273\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kde:arts:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECA4B1F0-C924-4308-862F-0FE65D7BAB4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kde:arts:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC2D979D-0731-4CE3-9D16-22EF314884A2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.0\",\"matchCriteriaId\":\"DC4FB0A3-C8CC-4AB5-8A9D-EF370368B1EB\"}]}]}],\"references\":[{\"url\":\"http://dot.kde.org/1150310128/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/20677\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20786\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20827\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20868\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20899\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25032\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/25059\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200704-22.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016298\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kde.org/info/security/advisory-20060614-2.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:107\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_38_security.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.osvdb.org/26506\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/437362/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/18429\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/23697\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2357\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0409\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27221\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://dot.kde.org/1150310128/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/20677\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20786\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20899\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/25059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200704-22.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kde.org/info/security/advisory-20060614-2.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_38_security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.osvdb.org/26506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/437362/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/18429\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/23697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0409\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}],\"evaluatorSolution\":\"Product is only vulnerable when running setuid root on Linux 2.6.0 or later versions.\\nVendor links provide patches for each affected version.\",\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable.  We do not ship aRts as setuid root on Red Hat Enterprise Linux 2.1, 3, or 4.\",\"lastModified\":\"2006-08-16T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.