8 matches found
SUSE CVE-2006-2916
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges...
Slackware: Security Advisory (SSA:2006-178-03)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE9 Security Update : arts (YOU Patch Number 11075)
The KDE soundserver aRts lacked checks around some setuid calls. This could be used by a local attacker to gain root privileges. CVE-2006-2916 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
Gentoo Security Advisory GLSA 200606-22 (aRts)
The remote host is missing updates announced in advisory GLSA 200606-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200704-22 (BEAST)
The remote host is missing updates announced in advisory GLSA 200704-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE 10 Security Update : arts (arts-1670)
The KDE soundserver aRts lacked checks around some setuid calls. This could potentially be used by a local attacker to gain root privileges. CVE-2006-2916 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
[slackware-security] arts
New aRts packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a possible security issue with artswrapper. The artswrapper program and the artsd daemon can be used to gain root privileges if artswrapper is setuid root and the system is running a 2.6.x kernel. Note that...
CVE-2006-2916
The CVE-2006-2916 issue affects artswrapper in aRts running with setuid root on Linux 2.6.0+ where setuid’s return value is not checked, allowing a local user to escalate to root by preventing artsd from dropping privileges. The vulnerability arises from failing to verify setuid’s success, potent...