 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2006-2194 |
| Description: | The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges. |
| Test IDs: | 1.3.6.1.4.1.25623.1.1.12.2006.310.1 1.3.6.1.4.1.25623.1.0.57074 1.3.6.1.4.1.25623.1.0.57083 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-2194 BugTraq ID: 18849 http://www.securityfocus.com/bid/18849 Debian Security Information: DSA-1106 (Google Search) http://www.debian.org/security/2006/dsa-1106 http://www.mandriva.com/security/advisories?name=MDKSA-2006:119 http://www.osvdb.org/26994 http://secunia.com/advisories/20963 http://secunia.com/advisories/20967 http://secunia.com/advisories/20987 http://secunia.com/advisories/20996 http://www.ubuntu.com/usn/usn-310-1 |