Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Slackware Local Security Checks >> SSA-2006-178-03 arts


Vulnerability Assessment Details

SSA-2006-178-03 arts

Vulnerability Assessment Summary
SSA-2006-178-03 arts

Detailed Explanation for this Vulnerability Assessment

New aRts packages are available for Slackware 10.0, 10.1, 10.2, and -current
to fix a possible security issue with artswrapper. The artswrapper program
and the artsd daemon can be used to gain root rights if artswrapper is
setuid root and the system is running a 2.6.x kernel. Note that artswrapper
is not setuid root on Slackware by default. Some people have recommended
setting it that way online though, so it's at least worth warning about.
It's far safer to just add users to the audio group.

The official KDE security advisory may be found here:
http://www.kde.org/info/security/advisory-20060614-2.txt

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916




Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Michel Arboi

Cables, Connectors

Cisco PWR-RPS2300 V02 Redundant Power Systems w/2*C3K-PWR-1150WAC Power Supplies
$100.0
Cisco PWR-RPS2300 V02 Redundant Power Systems w/2*C3K-PWR-1150WAC Power Supplies pictureCisco Pro Access Solutions CPA 2501 Wired Router
$23.99
Cisco  Pro  Access Solutions CPA 2501  Wired Router pictureCisco Linksys SRW224P 24-Port 10/100 + 2-Port Gigabit Switch (No Rack Ears)
$60.0
Cisco Linksys SRW224P 24-Port 10/100 + 2-Port Gigabit Switch (No Rack Ears) pictureCISCO Aironet Power Injector DPSN-35FB A
$3.99
CISCO Aironet Power Injector DPSN-35FB A  picture


Discussions

No Discussions have been posted on this vulnerability.