Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-0806
CVE-2004-0806
Description
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
12- seclists.org/lists/bugtraq/2004/Sep/0097.htmlnvdExploit
- www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2004-09/0108.htmlnvdExploit
- www.securityfocus.org/bid/11075nvdExploitPatch
- secunia.com/advisories/12481/nvdVendor Advisory
- www.kb.cert.org/vuls/id/700326nvdThird Party AdvisoryUS Government Resource
- patches.sgi.com/support/free/security/advisories/20060401-01-Unvd
- secunia.com/advisories/19532nvd
- securitytracker.com/idnvd
- www.mandriva.com/security/advisoriesnvd
- bugzilla.fedora.us/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17303nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9805nvd
News mentions
0No linked articles in our index yet.