CVE-2006-2916 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-2916 Interim 1 3 2021-06-09T08:37:29Z current 2021-05-30T12:35:58Z 2021-06-09T08:37:29Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-2916 artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2006-06/msg00025.html E-Mail link for SUSE-SR:2006:015 https://www.suse.com/support/security/rating/ SUSE Security Ratings artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. CVE-2006-2916 important 6 AV:L/AC:H/Au:S/C:C/I:C/A:C