Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[ GLSA 200606-22 ] aRts: Privilege escalation
From: Sune Kloppenborg Jeppesen <jaervosz () gentoo org>
Date: Thu, 22 Jun 2006 21:17:43 +0200

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200606-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: aRts: Privilege escalation
      Date: June 22, 2006
      Bugs: #135970
        ID: 200606-22

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The artswrapper part of aRts allows local users to execute arbitrary
code with elevated privileges.

Background
==========

aRts is a real time modular system for synthesizing audio used by KDE.
artswrapper is a helper application used to start the aRts daemon.

Affected packages
=================

    -------------------------------------------------------------------
     Package        /  Vulnerable  /                        Unaffected
    -------------------------------------------------------------------
  1  kde-base/arts     < 3.5.2-r1                          >= 3.5.2-r1
                                                          *>= 3.4.3-r1

Description
===========

artswrapper fails to properly check whether it can drop privileges
accordingly if setuid() fails due to a user exceeding assigned resource
limits.

Impact
======

Local attackers could exploit this vulnerability to execute arbitrary
code with elevated privileges. Note that the aRts package provided by
Gentoo is only vulnerable if the artswrappersuid USE-flag is enabled.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All aRts users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose kde-base/arts

References
==========

  [ 1 ] CVE-2006-2916
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200606-22.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security () gentoo org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • [ GLSA 200606-22 ] aRts: Privilege escalation Sune Kloppenborg Jeppesen (Jun 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault