CVE-2006-4447
 
Severity Score: 7.2 (CVSS v2)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, do not check the return values of setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
Credits: N/A
Timeline
- 2006-08-29 CVE Reserved
- 2006-08-30 CVE Published
- 2024-07-20 EPSS Updated
- 2024-08-07 CVE Updated
References (17)
URL | Tag |
---|---|
http://mail.gnome.org/archives/beast/2006-December/msg00025.html | Mailing List |
http://secunia.com/advisories/21660 | Third Party Advisory |
http://secunia.com/advisories/21693 | Third Party Advisory |
http://secunia.com/advisories/22332 | Third Party Advisory |
http://secunia.com/advisories/25032 | Third Party Advisory |
http://secunia.com/advisories/25059 | Third Party Advisory |
http://www.kb.cert.org/vuls/id/300368 | Third Party Advisory |
http://www.securityfocus.com/bid/19742 | Vdb Entry |
http://www.securityfocus.com/bid/23697 | Vdb Entry |
http://www.vupen.com/english/advisories/2006/3409 | Vdb Entry |
http://www.vupen.com/english/advisories/2007/0409 | Vdb Entry |

URL | Date |
---|---|
http://lists.freedesktop.org/archives/xorg/2006-June/016146.html | 2011-03-08 |
http://secunia.com/advisories/21650 | 2011-03-08 |
http://security.gentoo.org/glsa/glsa-200608-25.xml | 2011-03-08 |
http://security.gentoo.org/glsa/glsa-200704-22.xml | 2011-03-08 |
http://www.debian.org/security/2006/dsa-1193 | 2011-03-08 |
http://www.mandriva.com/security/advisories?name=MDKSA-2006:160 | 2011-03-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
X.org | Emu-linux-x87-xlibs | 7.0_r1 | - | Affected |
X.org | X11r6 | 6.7.0 | - | Affected |
X.org | X11r6 | 6.8 | - | Affected |
X.org | X11r6 | 6.8.1 | - | Affected |
X.org | X11r6 | 6.8.2 | - | Affected |
X.org | X11r7 | 1.0 | - | Affected |
X.org | X11r7 | 1.0.1 | - | Affected |
X.org | X11r7 | 1.0.2 | - | Affected |
X.org | Xdm | 1.0.3 | - | Affected |
X.org | Xf86dga | 1.0.0 | - | Affected |
X.org | Xinit | 1.0.2_r5 | - | Affected |
X.org | Xload | 1.0.0 | - | Affected |
X.org | Xorg-server | 1.02_r5 | - | Affected |
X.org | Xterm | 214 | - | Affected |