Back to search
CVE-2006-0745
Published: Mar 21, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MDKSA-2006:056
vendor-advisory
x_refsource_MANDRIVA
20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
mailing-list
x_refsource_BUGTRAQ
xorg-geteuid-privilege-escalation(25341)
vdb-entry
x_refsource_XF
FEDORA-2006-172
vendor-advisory
x_refsource_FEDORA
http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm
x_refsource_CONFIRM
20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
mailing-list
x_refsource_BUGTRAQ
1015793
vdb-entry
x_refsource_SECTRACK
19256
third-party-advisory
x_refsource_SECUNIA
102252
vendor-advisory
x_refsource_SUNALERT
24000
vdb-entry
x_refsource_OSVDB
19676
third-party-advisory
x_refsource_SECUNIA
19316
third-party-advisory
x_refsource_SECUNIA
24001
vdb-entry
x_refsource_OSVDB
ADV-2006-1017
vdb-entry
x_refsource_VUPEN
606
third-party-advisory
x_refsource_SREASON
17169
vdb-entry
x_refsource_BID
SUSE-SA:2006:016
vendor-advisory
x_refsource_SUSE
ADV-2006-1028
vdb-entry
x_refsource_VUPEN
19307
third-party-advisory
x_refsource_SECUNIA
19311
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:1697
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now