artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-06-15T10:00:00
Updated: 2024-08-07T18:06:27.206Z
Reserved: 2006-06-08T00:00:00
Link: CVE-2006-2916
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2006-06-15T10:02:00.000
Modified: 2024-01-21T01:42:33.730
Link: CVE-2006-2916
Redhat