{"api_version":"1","generated_at":"2026-06-19T19:07:43+00:00","cve":"CVE-2006-2916","urls":{"html":"https://cve.report/CVE-2006-2916","api":"https://cve.report/api/cve/CVE-2006-2916.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-2916","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-2916"},"summary":{"title":"CVE-2006-2916","description":"artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2006-06-15 10:02:00","updated_at":"2024-01-21 01:42:00"},"problem_types":["CWE-273"],"metrics":[],"references":[{"url":"http://secunia.com/advisories/20677","name":"20677","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"aRts \"artswrapper\" Helper Application setuid Security Issue - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25059","name":"25059","refsource":"SECUNIA","tags":[],"title":"Gentoo update for beast - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20899","name":"20899","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"SUSE Updates for Multiple Packages - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/437362/100/0/threaded","name":"20060615 rPSA-2006-0105-1 arts","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.novell.com/linux/security/advisories/2006_38_security.html","name":"SUSE-SR:2006:015","refsource":"SUSE","tags":[],"title":"Security Announcement","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://securitytracker.com/id?1016298","name":"1016298","refsource":"SECTRACK","tags":[],"title":"SecurityTracker.com Archives - Artswrapper setuid() Failure Lets Local Users Gain Root Privileges","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/23697","name":"23697","refsource":"BID","tags":[],"title":"Beast Resource Limit Local Denial Of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/20868","name":"20868","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Slackware update for arts - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/0409","name":"ADV-2007-0409","refsource":"VUPEN","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:107","name":"MDKSA-2006:107","refsource":"MANDRIVA","tags":[],"title":"Advisories - Mandriva Linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256","name":"SSA:2006-178-03","refsource":"SLACKWARE","tags":[],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/18429","name":"18429","refsource":"BID","tags":["Patch"],"title":"KDE ArtsWrapper Local Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://dot.kde.org/1150310128/","name":"http://dot.kde.org/1150310128/","refsource":"CONFIRM","tags":["Patch"],"title":"Security Updates: Artswrapper and KDM","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27221","name":"arts-artwrapper-privilege-escalation(27221)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25032","name":"25032","refsource":"SECUNIA","tags":[],"title":"BEAST/BSE \"seteuid()\" and \"setreuid()\" Security Issue - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/26506","name":"26506","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://mail.gnome.org/archives/beast/2006-December/msg00025.html","name":"[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1","refsource":"MLIST","tags":[],"title":"ANNOUNCE: BEAST/BSE v0.7.1","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kde.org/info/security/advisory-20060614-2.txt","name":"http://www.kde.org/info/security/advisory-20060614-2.txt","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20827","name":"20827","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Mandriva update for arts - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200704-22.xml","name":"GLSA-200704-22","refsource":"GENTOO","tags":[],"title":"BEAST: Denial of Service — Gentoo Linux Documentation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml","name":"GLSA-200606-22","refsource":"GENTOO","tags":[],"title":"Gentoo Linux Documentation\n--\n  aRts: Privilege escalation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/2357","name":"ADV-2006-2357","refsource":"VUPEN","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20786","name":"20786","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Gentoo update for aRts","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-2916","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-2916","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"2916","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"arts","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"2916","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"arts","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"2916","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"arts","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"2916","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kde","cpe5":"arts","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"2916","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[{"cvename":"CVE-2006-2916","organization":"Red Hat","lastmodified":"2006-08-16","contributor":"Mark J Cox","statementText":"Not vulnerable. We do not ship aRts as setuid root on Red Hat Enterprise Linux 2.1, 3, or 4.","cve_year":"2006","cve_id":"2916","crc32":"3f530b05"}],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-2916","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ADV-2006-2357","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/2357"},{"name":"20899","refsource":"SECUNIA","url":"http://secunia.com/advisories/20899"},{"name":"26506","refsource":"OSVDB","url":"http://www.osvdb.org/26506"},{"name":"MDKSA-2006:107","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:107"},{"name":"1016298","refsource":"SECTRACK","url":"http://securitytracker.com/id?1016298"},{"name":"GLSA-200606-22","refsource":"GENTOO","url":"http://www.gentoo.org/security/en/glsa/glsa-200606-22.xml"},{"name":"20868","refsource":"SECUNIA","url":"http://secunia.com/advisories/20868"},{"name":"20060615 rPSA-2006-0105-1 arts","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/437362/100/0/threaded"},{"name":"20786","refsource":"SECUNIA","url":"http://secunia.com/advisories/20786"},{"name":"GLSA-200704-22","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200704-22.xml"},{"name":"ADV-2007-0409","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/0409"},{"name":"20677","refsource":"SECUNIA","url":"http://secunia.com/advisories/20677"},{"name":"23697","refsource":"BID","url":"http://www.securityfocus.com/bid/23697"},{"name":"25059","refsource":"SECUNIA","url":"http://secunia.com/advisories/25059"},{"name":"arts-artwrapper-privilege-escalation(27221)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27221"},{"name":"20827","refsource":"SECUNIA","url":"http://secunia.com/advisories/20827"},{"name":"SUSE-SR:2006:015","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2006_38_security.html"},{"name":"25032","refsource":"SECUNIA","url":"http://secunia.com/advisories/25032"},{"name":"http://www.kde.org/info/security/advisory-20060614-2.txt","refsource":"CONFIRM","url":"http://www.kde.org/info/security/advisory-20060614-2.txt"},{"name":"[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1","refsource":"MLIST","url":"http://mail.gnome.org/archives/beast/2006-December/msg00025.html"},{"name":"http://dot.kde.org/1150310128/","refsource":"CONFIRM","url":"http://dot.kde.org/1150310128/"},{"name":"18429","refsource":"BID","url":"http://www.securityfocus.com/bid/18429"},{"name":"SSA:2006-178-03","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.468256"}]}},"nvd":{"publishedDate":"2006-06-15 10:02:00","lastModifiedDate":"2024-01-21 01:42:00","problem_types":["CWE-273"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:H/Au:S/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6},"severity":"MEDIUM","exploitabilityScore":1.5,"impactScore":10,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kde:arts:1.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kde:arts:1.2:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.0","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"2916","Ordinal":"18236","Title":"CVE-2006-2916","CVE":"CVE-2006-2916","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"2916","Ordinal":"1","NoteData":"artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.","Type":"Description","Title":null},{"CveYear":"2006","CveId":"2916","Ordinal":"2","NoteData":"2006-06-15","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"2916","Ordinal":"3","NoteData":"2018-10-18","Type":"Other","Title":"Modified"}]}}}