CVE-2006-4447 (GCVE-0-2006-4447)

Vulnerability from cvelistv5 – Published: 2006-08-30 01:00 – Updated: 2024-08-07 19:14
Summary
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/21660 (third-party-advisory, x_refsource_SECUNIA)
http://www.mandriva.com/security/advisories?name=… (vendor-advisory, x_refsource_MANDRIVA)
http://lists.freedesktop.org/archives/xorg/2006-J… (mailing-list, x_refsource_MLIST)
http://www.kb.cert.org/vuls/id/300368 (third-party-advisory, x_refsource_CERT-VN)
http://www.vupen.com/english/advisories/2006/3409 (vdb-entry, x_refsource_VUPEN)
http://secunia.com/advisories/21693 (third-party-advisory, x_refsource_SECUNIA)
http://www.debian.org/security/2006/dsa-1193 (vendor-advisory, x_refsource_DEBIAN)
http://security.gentoo.org/glsa/glsa-200704-22.xml (vendor-advisory, x_refsource_GENTOO)
http://secunia.com/advisories/22332 (third-party-advisory, x_refsource_SECUNIA)
http://www.vupen.com/english/advisories/2007/0409 (vdb-entry, x_refsource_VUPEN)
http://security.gentoo.org/glsa/glsa-200608-25.xml (vendor-advisory, x_refsource_GENTOO)
http://www.securityfocus.com/bid/23697 (vdb-entry, x_refsource_BID)
http://secunia.com/advisories/25059 (third-party-advisory, x_refsource_SECUNIA)
http://secunia.com/advisories/25032 (third-party-advisory, x_refsource_SECUNIA)
http://mail.gnome.org/archives/beast/2006-Decembe… (mailing-list, x_refsource_MLIST)
http://www.securityfocus.com/bid/19742 (vdb-entry, x_refsource_BID)
http://secunia.com/advisories/21650 (third-party-advisory, x_refsource_SECUNIA)

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:14:46.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21660",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21660"
          },
          {
            "name": "MDKSA-2006:160",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:160"
          },
          {
            "name": "[xorg] 20060620 X.Org security advisory: setuid return value check problems",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/xorg/2006-June/016146.html"
          },
          {
            "name": "VU#300368",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/300368"
          },
          {
            "name": "ADV-2006-3409",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3409"
          },
          {
            "name": "21693",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21693"
          },
          {
            "name": "DSA-1193",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1193"
          },
          {
            "name": "GLSA-200704-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
          },
          {
            "name": "22332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22332"
          },
          {
            "name": "ADV-2007-0409",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0409"
          },
          {
            "name": "GLSA-200608-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200608-25.xml"
          },
          {
            "name": "23697",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23697"
          },
          {
            "name": "25059",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25059"
          },
          {
            "name": "25032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25032"
          },
          {
            "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
          },
          {
            "name": "19742",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19742"
          },
          {
            "name": "21650",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21650"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-09-07T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "21660",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21660"
        },
        {
          "name": "MDKSA-2006:160",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:160"
        },
        {
          "name": "[xorg] 20060620 X.Org security advisory: setuid return value check problems",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/xorg/2006-June/016146.html"
        },
        {
          "name": "VU#300368",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/300368"
        },
        {
          "name": "ADV-2006-3409",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3409"
        },
        {
          "name": "21693",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21693"
        },
        {
          "name": "DSA-1193",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1193"
        },
        {
          "name": "GLSA-200704-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
        },
        {
          "name": "22332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22332"
        },
        {
          "name": "ADV-2007-0409",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0409"
        },
        {
          "name": "GLSA-200608-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200608-25.xml"
        },
        {
          "name": "23697",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23697"
        },
        {
          "name": "25059",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25059"
        },
        {
          "name": "25032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25032"
        },
        {
          "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
        },
        {
          "name": "19742",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19742"
        },
        {
          "name": "21650",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21650"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4447",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "21660",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21660"
            },
            {
              "name": "MDKSA-2006:160",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:160"
            },
            {
              "name": "[xorg] 20060620 X.Org security advisory: setuid return value check problems",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/xorg/2006-June/016146.html"
            },
            {
              "name": "VU#300368",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/300368"
            },
            {
              "name": "ADV-2006-3409",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3409"
            },
            {
              "name": "21693",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21693"
            },
            {
              "name": "DSA-1193",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1193"
            },
            {
              "name": "GLSA-200704-22",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml"
            },
            {
              "name": "22332",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22332"
            },
            {
              "name": "ADV-2007-0409",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0409"
            },
            {
              "name": "GLSA-200608-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200608-25.xml"
            },
            {
              "name": "23697",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23697"
            },
            {
              "name": "25059",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25059"
            },
            {
              "name": "25032",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25032"
            },
            {
              "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1",
              "refsource": "MLIST",
              "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html"
            },
            {
              "name": "19742",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19742"
            },
            {
              "name": "21650",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21650"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4447",
    "datePublished": "2006-08-30T01:00:00",
    "dateReserved": "2006-08-29T00:00:00",
    "dateUpdated": "2024-08-07T19:14:46.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:emu-linux-x87-xlibs:7.0_r1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39A99E8D-7B9B-4822-8550-5FB725F821CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76FFBC43-2178-48DF-B61E-CCBA4682AC5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F506308-E878-4AA5-B5D5-A7E148D63947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D129D08C-AF18-4F9D-9781-64B8C1CFD65E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r6:6.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"201EBA98-07CF-4F03-BB9F-694D65F0C118\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D02D3FA8-EDCD-4A3C-81CF-FC09633270DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3D35005-EEB1-4FA1-95B5-EFF2ABC31AD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:x11r7:1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEDE33C3-5385-4457-A058-F43B08EFFFCA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xdm:1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"388D6C4A-04DE-49B3-8B4B-30CC07961F70\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xf86dga:1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DF163B1-8093-4E18-AF67-D97C22C205CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xinit:1.0.2_r5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D136635-B0EB-4714-95F0-F7341BB4558C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xload:1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A75541A-E933-4292-B7D7-B4960745D717\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xorg-server:1.02_r5:*:*:*:*:*:*:*\", \"matchCriteriaId\": 
\"3A956491-A5FB-4848-8C06-D7BC66B0B614\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:x.org:xterm:214:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A86C489-290F-4B62-BC6E-7934ACE57DFA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.\"}, {\"lang\": \"es\", \"value\": \"X.Org y XFree86, incluyendo libX11, xdm, xf86dga, xinit, xload, xtrans, y xterm, no comprueban los valores de retorno de las llamadas a setuid y seteuid al intentar eliminar privilegios, lo cual permite a usuarios locales obtener privilegios haciendo fallar estas llamadas, como por ejemplo excediendo un ulimit.\"}]",
      "id": "CVE-2006-4447",
      "lastModified": "2024-11-21T00:15:58.180",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-08-30T01:04:00.000",
      "references": "[{\"url\": \"http://lists.freedesktop.org/archives/xorg/2006-June/016146.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/21650\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/21660\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/21693\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/22332\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25032\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25059\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200608-25.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200704-22.xml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-1193\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/300368\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2006:160\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/19742\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/23697\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3409\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0409\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.freedesktop.org/archives/xorg/2006-June/016146.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\", \"source\": 
\"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/21650\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/21660\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/21693\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/22332\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/25032\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/25059\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200608-25.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200704-22.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2006/dsa-1193\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/300368\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2006:160\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/19742\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/23697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/3409\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/0409\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"Not Vulnerable. This issue does not exist in Red Hat Enterprise Linux 2.1 or 3.  This issue not exploitable in Red Hat Enterprise Linux 4.  A detailed analysis of this issue can be found in the Red Hat Bug Tracking System:\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=195555\", \"lastModified\": \"2006-09-12T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4447\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-08-30T01:04:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.\"},{\"lang\":\"es\",\"value\":\"X.Org y XFree86, incluyendo libX11, xdm, xf86dga, xinit, xload, xtrans, y xterm, no comprueban los valores de retorno de las llamadas a setuid y seteuid al intentar eliminar privilegios, lo cual permite a usuarios locales obtener privilegios haciendo fallar estas llamadas, como por ejemplo excediendo un ulimit.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:emu-linux-x87-xlibs:7.0_r1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A99E8D-7B9B-4822-8550-5FB725F821CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76FFBC43-2178-48DF-B61
E-CCBA4682AC5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F506308-E878-4AA5-B5D5-A7E148D63947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D129D08C-AF18-4F9D-9781-64B8C1CFD65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r6:6.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"201EBA98-07CF-4F03-BB9F-694D65F0C118\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D02D3FA8-EDCD-4A3C-81CF-FC09633270DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D35005-EEB1-4FA1-95B5-EFF2ABC31AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:x11r7:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEDE33C3-5385-4457-A058-F43B08EFFFCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xdm:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"388D6C4A-04DE-49B3-8B4B-30CC07961F70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xf86dga:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DF163B1-8093-4E18-AF67-D97C22C205CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xinit:1.0.2_r5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D136635-B0EB-4714-95F0-F7341BB4558C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xload:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A75541A-E933-4292-B7D7-B4960745D717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xorg-server:1.02_r5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A956491-A5FB-4848-8C06-D7BC66B0B614\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x.org:xterm:214:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A86C489-290F-4B62-BC6E-7934ACE57DFA\"}]}]}],\"references\":[{\"url\":\"http://lists.freedesktop.org/archives/xorg/2006-June/016146.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http
://secunia.com/advisories/21650\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21660\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/21693\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/22332\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25032\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25059\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200608-25.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200704-22.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1193\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/300368\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:160\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/19742\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/23697\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3409\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0409\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.freedesktop.org/archives/xorg/2006-June/016146.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://mail.gnome.org/archives/beast/2006-December/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21650\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor 
Advisory\"]},{\"url\":\"http://secunia.com/advisories/21660\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/21693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/22332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200608-25.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200704-22.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2006/dsa-1193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/300368\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/19742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/23697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3409\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/0409\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not Vulnerable. This issue does not exist in Red Hat Enterprise Linux 2.1 or 3.  This issue not exploitable in Red Hat Enterprise Linux 4.  
A detailed analysis of this issue can be found in the Red Hat Bug Tracking System:\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=195555\",\"lastModified\":\"2006-09-12T00:00:00\"}]}}"
  }
}

