Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0745

7 documents, 7 sources
Severity: 7.2 HIGH
EPSS: 0.2% (top 60.75%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline
Published: Mar 21
Latest update: May 1

Description

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.

CVSS vector

AV:L/AC:L/C:C/I:C/A:C
Exploitability: 3.9 | Impact: 10.0

Affected Packages (7 packages)

Debian: xorg-server < 1:1.0.2-1+3
NVD: x.org/x11r6 6.9
NVD: x.org/x11r7 1.0, 1.0.1+1
NVD: sun/solaris 10.0
NVD: suse/suse_linux 10.0

🔴 Vulnerability Details (3)

GHSA: GHSA-qhrh-3jj7-5jgg: X (2022-05-01)
OSV: CVE-2006-0745: X (2006-03-21)
CVEList: CVE-2006-0745: X (2006-03-21)

💥 Exploits & PoCs (1)

Exploit-DB: X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation (2006-03-20)

📋 Vendor Advisories (1)

Debian: CVE-2006-0745: xorg-server - X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently... (2006)

💬 Community (1)

Bugzilla: CVE-2006-0745 xorg-x11 privilege escalation (2006-03-10)