artsd -a Parameter arts_fatal Function Format String

2002-07-06T04:13:05
ID OSVDB:20701
Type osvdb
Reporter OSVDB
Modified 2002-07-06T04:13:05

Description

Technical Description

The program artsd is not SUID/SGID by default and can not be leveraged for additional privileges as a result of a default installation. This vulnerability only manifests if an administrator adds SUID or SGID privileges to the program, or if another program (such as artswrapper) invokes it with increased privileges.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0063.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0076.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0058.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-07/0065.html ISS X-Force ID: 9813 CVE-2002-0819