Vulnerabilities > CVE-2006-2196 - Local Security vulnerability in Jochen Friedrich Pinball 0.3.1

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

jochen-friedrich

nessus

NVD

Published: 2006-06-26

Updated: 2017-07-20

Summary

Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges.

Vulnerable Configurations

Part	Description	Count
Application	Jochen_Friedrich Jochen Friedrich Pinball 0.3.1	1

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1102.NASL
description	Steve Kemp from the Debian Security Audit project discovered that pinball, a pinball simulator, can be tricked into loading level plugins from user-controlled directories without dropping privileges.
last seen	2020-06-01
modified	2020-06-02
plugin id	22644
published	2006-10-14
reporter	This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/22644
title	Debian DSA-1102-1 : pinball - design error

Summary

Vulnerable Configurations

Nessus

References