CVE-2006-2194 - CVE Reference - Advisories

CVE Reference: CVE-2006-2194

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2194

Description: The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-310-1 SAID Secunia Advisory: SA20987 Secunia Advisory: SA20996 Secunia Advisory: SA20967 Secunia Advisory: SA20963 OSVDB 26994 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:119 DEBIAN http://www.debian.org/security/2006/dsa-1106 BID 18849

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Cisco ASA and PIX Security Appliances Multiple Vulnerabilities

2.	rPath update for libtiff

3.	HP OpenView Select Identity Connectors Information Disclosure

4.	Gentoo update for realplayer

5.	Gentoo update for yelp

6.	FreeBSD ICMPv6 "Packet Too Big" MTU Denial of Service Vulnerability

7.	Gentoo update for dnsmasq

8.	IBM AIX "swcons" Command Privilege Escalation Vulnerability

9.	SUSE update for IBMJava5-JRE and java-1_5_0-ibm

10.	Najdi.si Toolbar Buffer Overflow Vulnerability