CVE-2006-0745
Published Mar 21, 2006
Last updated 6 years ago
Overview
- Description
- X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F9809AF-75A2-4E08-9E41-EE9DB960E789"
},
{
"criteria": "cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02D3FA8-EDCD-4A3C-81CF-FC09633270DF"
},
{
"criteria": "cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3D35005-EEB1-4FA1-95B5-EFF2ABC31AD3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124"
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07EC6C5A-33C9-456A-A8C9-0DF67C76041E"
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C"
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1"
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D"
}
],
"operator": "OR"
}
]
}
]