CVE-2006-2196
CVSS4.6
发布时间 :2006-06-26 06:06:00
修订时间 :2011-03-07 21:35:31
NMCOP    

[原文]Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges.


[CNNVD]pinball 未明漏洞(CNNVD-200606-500)

        pinball 0.3.1存在未明漏洞。本地用户可以借助在以提升的权限操作时能使pinball从攻击者控制的目录加载插件的未知攻击向量,来获得特权。

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2196
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2196
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200606-500
(官方数据源) CNNVD

- 其它链接及资源

http://www.debian.org/security/2006/dsa-1102
(VENDOR_ADVISORY)  DEBIAN  DSA-1102
http://www.vupen.com/english/advisories/2006/2535
(UNKNOWN)  VUPEN  ADV-2006-2535
http://xforce.iss.net/xforce/xfdb/27420
(UNKNOWN)  XF  emilia-pinball-plugins-privilege-escalation(27420)
http://www.osvdb.org/26829
(UNKNOWN)  OSVDB  26829
http://secunia.com/advisories/20834
(UNKNOWN)  SECUNIA  20834
http://secunia.com/advisories/20778
(UNKNOWN)  SECUNIA  20778

- 漏洞信息

pinball 未明漏洞
中危 未知
2006-06-26 00:00:00 2006-06-27 00:00:00
本地  
        pinball 0.3.1存在未明漏洞。本地用户可以借助在以提升的权限操作时能使pinball从攻击者控制的目录加载插件的未知攻击向量,来获得特权。

- 公告与补丁

        

- 漏洞信息 (F47785)

Debian Linux Security Advisory 1102-1 (PacketStormID:F47785)
2006-06-27 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2006-2196
[点击下载]

Debian Security Advisory 1102-1 - Steve Kemp from the Debian Security Audit project discovered that pinball, a pinball simulator, can be tricked into loading level plugins from user-controlled directories without dropping privileges.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1102-1                    security@debian.org
http://www.debian.org/security/                                 Steve Kemp
June 26th, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : pinball
Vulnerability  : design error
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2006-2196

Steve Kemp from the Debian Security Audit project discovered that
pinball, a pinball simulator, can be tricked into loading level
plugins from user-controlled directories without dropping privileges.

The old stable distribution (woody) does not contain this package.

For the stable distribution (sarge) this problem has been fixed in
version 0.3.1-3sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 0.3.1-6.

We recommend that you upgrade your pinball package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1.dsc
      Size/MD5 checksum:      811 17ac5604e5bb7e13b938d84012c6ea7c
    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1.diff.gz
      Size/MD5 checksum:   320626 5473ae87027018899b08f12c34ddd538
    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1.orig.tar.gz
      Size/MD5 checksum:  6082982 f28e8f49e0db8e9491e4d9f0c13c36c6

  Architecture independent components:

    http://security.debian.org/pool/updates/main/p/pinball/pinball-data_0.3.1-3sarge1_all.deb
      Size/MD5 checksum:  5542524 c586ed47103f89443cf32f57984ac95c

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_alpha.deb
      Size/MD5 checksum:   189898 6168d325d265c72da1007aaa83c7b9bd
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_alpha.deb
      Size/MD5 checksum:   325654 caeae82e416a40ad943ff38ce8c5eb98

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_amd64.deb
      Size/MD5 checksum:   167050 af8664da7ef5e0d1fd1e1eb86e2a7fc1
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_amd64.deb
      Size/MD5 checksum:   242432 36c44eed9de2d48089e7c396e270c98e

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_arm.deb
      Size/MD5 checksum:   193056 52d5e3fb06e529326ae361f739915169
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_arm.deb
      Size/MD5 checksum:   294198 4bc5b7e9d5b1cc0f0b90f91290cf0999

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_i386.deb
      Size/MD5 checksum:   159576 b7fcaf42621d2c356de66c90ea19fab0
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_i386.deb
      Size/MD5 checksum:   219780 7a4877a175b976ca20d25040e0fcab11

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_ia64.deb
      Size/MD5 checksum:   221146 717fb85a21f4bd4a535200a7420e16b9
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_ia64.deb
      Size/MD5 checksum:   315856 a9a8496a1d029a0d64afb00b0c5fd116

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_hppa.deb
      Size/MD5 checksum:   191708 e97c652fb430dbaeb5d367f196ea1ba0
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_hppa.deb
      Size/MD5 checksum:   300260 606404a0da99b9884229bee10849413e

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_m68k.deb
      Size/MD5 checksum:   160442 1ff1dd9d285de6e7300f8e7eb027c766
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_m68k.deb
      Size/MD5 checksum:   223038 a7a4a5a997a05cf929b45529cd81942f

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_mips.deb
      Size/MD5 checksum:   166400 05f3ea274037ffb1a2b76fa5a802ff87
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_mips.deb
      Size/MD5 checksum:   263344 ab1b99a12b3be3151f84e94a6073b27f

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_mipsel.deb
      Size/MD5 checksum:   165114 5275bf21b63a2a2c30148d7a7a3aface
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_mipsel.deb
      Size/MD5 checksum:   263394 f287e3ee0a11745580f175585112632b

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_powerpc.deb
      Size/MD5 checksum:   170788 bb51f1dc4d1f9a5cd7b244111b61bb42
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_powerpc.deb
      Size/MD5 checksum:   245192 d390d54045f7ac70bf63164ba672a4d0

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_s390.deb
      Size/MD5 checksum:   152218 873670da1cc02dbe495c7254d4c5e316
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_s390.deb
      Size/MD5 checksum:   214592 074ea5085ed5c727b9e4fcf9ce0574c2

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/pinball/pinball_0.3.1-3sarge1_sparc.deb
      Size/MD5 checksum:   159116 43ba78279f91e1da5268c71af524b3ab
    http://security.debian.org/pool/updates/main/p/pinball/pinball-dev_0.3.1-3sarge1_sparc.deb
      Size/MD5 checksum:   233376 ec2531c5979bc0e6df6ec5f34d4d7d48


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEn1jjW5ql+IAeqTIRAvCLAJ9SRvjwVuQClzXvrpNch1WBBgtB5wCdHqhZ
bFTwjMf8G4MaC4jc9+hTxYs=
=s19d
-----END PGP SIGNATURE-----

    

- 漏洞信息

26829
Emilia Pinball Arbitrary Plugin Privilege Escalation
Local Access Required Denial of Service
Loss of Availability
Exploit Unknown

- 漏洞描述

Emilia Pinball contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified error occurs when loading compiled plugins, and will result in loss of availability for the system.

- 时间线

2006-06-26 Unknow
Unknow Unknow

- 解决方案

Upgrade to version Fixed in version 0.3.1-6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站