FKIE_CVE-2006-2916

Vulnerability from fkie_nvd - Published: 2006-06-15 10:02 - Updated: 2025-04-03 01:03
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
References
cve@mitre.orghttp://dot.kde.org/1150310128/Not Applicable
cve@mitre.orghttp://mail.gnome.org/archives/beast/2006-December/msg00025.htmlMailing List
cve@mitre.orghttp://secunia.com/advisories/20677Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20786Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20827Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20868Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/20899Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/25032Broken Link
cve@mitre.orghttp://secunia.com/advisories/25059Broken Link
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200704-22.xmlThird Party Advisory
cve@mitre.orghttp://securitytracker.com/id?1016298Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256Mailing List, Third Party Advisory
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200606-22.xmlThird Party Advisory
cve@mitre.orghttp://www.kde.org/info/security/advisory-20060614-2.txtPatch, Vendor Advisory
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDKSA-2006:107Third Party Advisory
cve@mitre.orghttp://www.novell.com/linux/security/advisories/2006_38_security.htmlBroken Link
cve@mitre.orghttp://www.osvdb.org/26506Broken Link
cve@mitre.orghttp://www.securityfocus.com/archive/1/437362/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securityfocus.com/bid/18429Broken Link, Patch, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securityfocus.com/bid/23697Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/2357Broken Link
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0409Broken Link
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27221Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://dot.kde.org/1150310128/Not Applicable
af854a3a-2127-422b-91ae-364da2661108http://mail.gnome.org/archives/beast/2006-December/msg00025.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20677Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20786Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20827Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20868Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20899Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25032Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25059Broken Link
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200704-22.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016298Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200606-22.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kde.org/info/security/advisory-20060614-2.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:107Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_38_security.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26506Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/437362/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18429Broken Link, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23697Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2357Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0409Broken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27221Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
kde arts 1.0
kde arts 1.2
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kde:arts:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECA4B1F0-C924-4308-862F-0FE65D7BAB4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:arts:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2D979D-0731-4CE3-9D16-22EF314884A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4FB0A3-C8CC-4AB5-8A9D-EF370368B1EB",
              "versionStartIncluding": "2.6.0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges."
    },
    {
      "lang": "es",
      "value": "artswrapper en aRts, cuando se ejecuta como root sobre linux 2.6.0 o versiones posteriores, no valida la variable setuid de retorno de la llamada  a la funci\u00f3n, lo que permite a usuarios locales ganar privilegios de root al provocar un fallo sobre setuid."
    }
  ],
  "evaluatorSolution": "Product is only vulnerable when running setuid root on Linux 2.6.0 or later versions.\nVendor links provide patches for each affected version.",
  "id": "CVE-2006-2916",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2006-06-15T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://dot.kde.org/1150310128/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20677"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20786"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20827"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20868"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20899"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/25032"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/25059"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1016298"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20060614-2.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_38_security.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/26506"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/437362/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/18429"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/23697"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2357"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0409"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://dot.kde.org/1150310128/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/25032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/25059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1016298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.468256"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20060614-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2006_38_security.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/26506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/437362/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/18429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/23697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable.  We do not ship aRts as setuid root on Red Hat Enterprise Linux 2.1, 3, or 4.",
      "lastModified": "2006-08-16T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-273"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.