Lucene search

[email protected]NVD:CVE-2006-2916

HistoryJun 15, 2006 - 10:02 a.m.

CVE-2006-2916

2006-06-1510:02:00

CWE-273

[email protected]

web.nvd.nist.gov

6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:S/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

Affected configurations

NVD

Node

kdeartsMatch1.0

kdeartsMatch1.2

AND

linuxlinux_kernelRange2.6.0≥

References

dot.kde.org/1150310128/

mail.gnome.org/archives/beast/2006-December/msg00025.html

secunia.com/advisories/20677

secunia.com/advisories/20786

secunia.com/advisories/20827

secunia.com/advisories/20868

secunia.com/advisories/20899

secunia.com/advisories/25032

secunia.com/advisories/25059

security.gentoo.org/glsa/glsa-200704-22.xml

securitytracker.com/id?1016298

slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256

www.gentoo.org/security/en/glsa/glsa-200606-22.xml

www.kde.org/info/security/advisory-20060614-2.txt

www.mandriva.com/security/advisories?name=MDKSA-2006:107

www.novell.com/linux/security/advisories/2006_38_security.html

www.osvdb.org/26506

www.securityfocus.com/archive/1/437362/100/0/threaded

www.securityfocus.com/bid/18429

www.securityfocus.com/bid/23697

www.vupen.com/english/advisories/2006/2357

www.vupen.com/english/advisories/2007/0409

exchange.xforce.ibmcloud.com/vulnerabilities/27221

6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:S/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

JSON

Related for NVD:CVE-2006-2916

nessus6 openvas6 slackware1 ubuntucve1 cvelist1 gentoo2 cve1 redhatcve1 prion1 securityvulns1