| ID |
CVE-2006-0745
|
| Summary |
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:x.org:x11r6:6.9:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x11r6:6.9:*:*:*:*:*:*:*
-
cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*
-
cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
-
cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*
-
cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
-
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
-
cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*
|
| CVSS |
| Base: | 7.2 (as of 19-10-2018 - 15:46) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2011-05-09T04:01:19.512-04:00 | | class | vulnerability | | contributors | | name | Robert L. Hollis | | organization | ThreatGuard, Inc. |
| name | Shane Shaffer | | organization | G2, Inc. |
| | description | X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | | family | unix | | id | oval:org.mitre.oval:def:1697 | | status | accepted | | submitted | 2006-03-21T04:03:00.000-04:00 | | title | X.Org Privilege Escalation Vulnerability in X11R6.9, X11R7.0 | | version | 36 |
|
| refmap
via4
|
| bid | 17169 | | bugtraq | - 20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
- 20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
| | confirm | http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm | | fedora | FEDORA-2006-172 | | mandriva | MDKSA-2006:056 | | osvdb | | | sectrack | 1015793 | | secunia | - 19256
- 19307
- 19311
- 19316
- 19676
| | sreason | 606 | | sunalert | 102252 | | suse | SUSE-SA:2006:016 | | vupen | - ADV-2006-1017
- ADV-2006-1028
| | xf | xorg-geteuid-privilege-escalation(25341) |
|
| Last major update |
19-10-2018 - 15:46 |
| Published |
21-03-2006 - 02:06 |
| Last modified |
19-10-2018 - 15:46 |
