SUSE CVE-2006-2916

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...

CVE-2006-2916

A vulnerability was found in artswrapper in aRts. When running a setuid root, it does not check the return value of the setuid function call. This flaw allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. Mitigation Mitigation for th...

Slackware Advisory SSA:2006-178-03 arts

The remote host is missing an update as announced via advisory SSA:2006-178-03. OpenVAS Vulnerability Test $Id: esoftslkssa200617803.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2006-178-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware 10.0 / 10.1 / 10.2 / current : arts (SSA:2006-178-03)

New aRts packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a possible security issue with artswrapper. The artswrapper program and the artsd daemon can be used to gain root privileges if artswrapper is setuid root and the system is running a 2.6.x kernel. Note that...

Mandrake Linux Security Advisory : arts (MDKSA-2006:107)

A vulnerability in the artswrapper program, when installed setuid root, could enable a local user to elevate their privileges to that of root. By default, Mandriva Linux does not ship artswrapper setuid root, however if a user or system administrator enables the setuid bit on artswrapper, their...

aRts: Privilege escalation

Background aRts is a real time modular system for synthesizing audio used by KDE. artswrapper is a helper application used to start the aRts daemon. Description artswrapper fails to properly check whether it can drop privileges accordingly if setuid fails due to a user exceeding assigned resource...

CVE-2006-2916

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...

CVE-2006-2916

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...

CVE-2006-2916

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...

CVE-2006-2916

The CVE-2006-2916 issue affects artswrapper in aRts running with setuid root on Linux 2.6.0+ where setuid’s return value is not checked, allowing a local user to escalate to root by preventing artsd from dropping privileges. The vulnerability arises from failing to verify setuid’s success, potent...

CVE-2002-0819

Format string vulnerability in artsd, when called by artswrapper, allows local users to gain privileges via format strings in the -a argument, which results in an error message that is not properly handled in a call to the artsfatal function...

CVE-2002-0819

CVE-2002-0819 describes a format-string vulnerability in the artsd component when invoked via artswrapper. The flaw allows local users to gain privileges through improper handling of format strings in the -a argument, leading to privilege escalation via an error message call path to arts_fatal. A...

artsd overflow

-----BEGIN PGP SIGNED MESSAGE----- Happy new year. Take a look at this: r00t:$ ls -las which artswrapper which artsd 4 -rwsr-xr-x 1 root root 4048 Dec 28 22:43 /usr/bin/artswrapper 120 -rwxr-xr-x 1 root root 117644 Dec 28 22:43 /usr/bin/artsd r00t:$ artsd -m perl -e 'print...