artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-15T10:00:00

Updated: 2024-08-07T18:06:27.206Z

Reserved: 2006-06-08T00:00:00

Link: CVE-2006-2916

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2006-06-15T10:02:00.000

Modified: 2024-01-21T01:42:33.730

Link: CVE-2006-2916

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-21T00:00:00Z

Links: CVE-2006-2916 - Bugzilla