Vulnerability Name: CVE-2006-0745 (CCN-25341)
Assigned: 2006-03-20
Published: 2006-03-20
Updated: 2018-10-19
Summary: X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Privileges
References:
Source: MITRE Type: CNA CVE-2006-0745
Source: CCN Type: BugTraq Mailing List, 2006-03-20 14:00:58 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
Source: SECUNIA Type: UNKNOWN 19256
Source: CCN Type: SA19307 X.Org X11 User Privilege Checking Security Bypass
Source: SECUNIA Type: UNKNOWN 19307
Source: SECUNIA Type: UNKNOWN 19311
Source: SECUNIA Type: UNKNOWN 19316
Source: CCN Type: SA19676 Avaya CMS / IR Sendmail Memory Corruption Vulnerability
Source: SECUNIA Type: UNKNOWN 19676
Source: SREASON Type: UNKNOWN 606
Source: CCN Type: SECTRACK ID: 1015793 X.Org Server `-modulepath` and `-logfile` Parameter Privilege Validation Error Lets Local Users Gain Root Privileges
Source: SECTRACK Type: UNKNOWN 1015793
Source: CCN Type: Sun Alert ID: 102252 Security Vulnerabilities found in the Xorg(1) X11R6.9 and X11R7.0 Server
Source: SUNALERT Type: UNKNOWN 102252
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm
Source: CCN Type: US-CERT VU#837857 X.Org server fails to properly test for effective user ID
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:056
Source: SUSE Type: UNKNOWN SUSE-SA:2006:016
Source: OSVDB Type: UNKNOWN 24000
Source: OSVDB Type: UNKNOWN 24001
Source: CCN Type: OSVDB ID: 24000 X.Org X Window System (X11) / X.Org Server -modulepath Parameter Privileged Code Execution
Source: CCN Type: OSVDB ID: 24001 X.Org X Window System (X11) / X.Org Server -logfile Parameter Arbitrary File Overwrite
Source: FEDORA Type: UNKNOWN FEDORA-2006-172
Source: BUGTRAQ Type: UNKNOWN 20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
Source: BUGTRAQ Type: UNKNOWN 20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
Source: BID Type: Exploit, Patch 17169
Source: CCN Type: BID-17169 X.Org X Window Server Local Privilege Escalation Vulnerability
Source: CCN Type: TLSA-2006-12 setuid return value check problems
Source: VUPEN Type: UNKNOWN ADV-2006-1017
Source: VUPEN Type: UNKNOWN ADV-2006-1028
Source: CCN Type: X.Org Foundation Web site X11R7.0 Source Patches
Source: XF Type: UNKNOWN xorg-geteuid-privilege-escalation(25341)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1697
Source: SUSE Type: SUSE-SA:2006:016 xorg-x11-server local privilege escalation
Source: SUSE Type: SUSE-SR:2006:006 SUSE Security Summary Report
Vulnerable Configuration: Configuration 1: Configuration 2: Denotes that component is vulnerable