CVE-2006-2916

HIGH

aRts - Privilege Escalation via Failed setuid Check

Title source: llm
STIX 2.1

Description

artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.

References (23)

Core 23
Core References
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2357
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20899
Broken Link vdb-entry x_refsource_osvdb
http://www.osvdb.org/26506
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:107
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016298
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20868
Broken Link, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/437362/100/0/threaded
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20786
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200704-22.xml
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0409
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20677
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23697
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25059
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27221
Broken Link, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20827
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_38_security.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25032
Patch, Vendor Advisory x_refsource_confirm
http://www.kde.org/info/security/advisory-20060614-2.txt
Mailing List mailing-list x_refsource_mlist
http://mail.gnome.org/archives/beast/2006-December/msg00025.html
Not Applicable x_refsource_confirm
http://dot.kde.org/1150310128/
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18429
Mailing List, Third Party Advisory vendor-advisory x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256

Scores

CVSS v3 7.8
EPSS 0.0014
EPSS Percentile 34.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-273
Status published
Products (2)
kde/arts 1.0
kde/arts 1.2
Published Jun 15, 2006
Tracked Since Feb 18, 2026