ID SECURITYVULNS:VULN:5915
Type securityvulns
Reporter BUGTRAQ
Modified 2006-03-21T00:00:00
Description
By using -modulepath it's possible to specify shared libraries location to attach user's library to suid application.
{"id": "SECURITYVULNS:VULN:5915", "bulletinFamily": "software", "title": "X.org / X11 X server privilege escalation", "description": "By using -modulepath it's possible to specify shared libraries location to attach user's library to suid application.", "published": "2006-03-21T00:00:00", "modified": "2006-03-21T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:5915", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:11875", "https://vulners.com/securityvulns/securityvulns:doc:11876"], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:09:20", "edition": 1, "viewCount": 2, "enchantments": {"score": {"value": 4.0, "vector": "NONE", "modified": "2018-08-31T11:09:20", "rev": 2}, "dependencies": {"references": [{"type": "mskb", "idList": ["KB953331", "KB2746164", "KB980408", "KB2526299", "KB983509", "KB2787763", "KB2603287", "KB2460065", "KB2510690", "KB977074"]}, {"type": "centos", "idList": ["CESA-2020:1011"]}, {"type": "threatpost", "idList": ["THREATPOST:2FC50917F19F5A13F14EBE274E190CD9", "THREATPOST:F3563336B135A1D7C1251AE54FDC6286"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1011"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2164.NASL", "REDHAT-RHSA-2020-1011.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310892164"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2164-1:52F3C"]}, {"type": "redhat", "idList": ["RHSA-2020:1011"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11876", "SECURITYVULNS:DOC:11875"]}], "modified": "2018-08-31T11:09:20", "rev": 2}, "vulnersScore": 4.0}, "affectedSoftware": [{"name": "X11", "operator": "eq", "version": "6.8"}, {"name": "x.org", "operator": "eq", "version": "1.0"}, {"name": "X11", "operator": "eq", "version": "6.9"}]}
{"rst": [{"lastseen": "2021-02-28T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **113[.]101.246.13** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **17**.\n First seen: 2020-11-30T03:00:00, Last seen: 2021-02-28T03:00:00.\n IOC tags: **malware**.\nASN 140314: (First IP 113.101.224.0, Last IP 113.101.255.255).\nASN Name \"CHINATELECOMGUANGDONGSHANTOU5GNETWORK\" and Organisation \"CHINATELECOM Guangdong province Shantou 5G network\".\nASN hosts 133 domains.\nGEO IP information: City \"Changsha\", Country \"China\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-11-30T00:00:00", "id": "RST:DA8C0432-5915-31B3-827A-8C78A1BD169A", "href": "", "published": "2021-03-01T00:00:00", "title": "RST Threat feed. IOC: 113.101.246.13", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-28T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **218[.]95.115.117** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-28T03:00:00.\n IOC tags: **shellprobe**.\nASN 4134: (First IP 218.95.40.0, Last IP 218.95.223.255).\nASN Name \"CHINANETBACKBONE\" and Organisation \"No31Jinrong Street\".\nASN hosts 1186862 domains.\nGEO IP information: City \"\", Country \"China\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:EB88EEA7-5915-396A-B8F0-807C6E2FFA6F", "href": "", "published": "2021-03-01T00:00:00", "title": "RST Threat feed. IOC: 218.95.115.117", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-01T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **24[.]146.218.135** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **26**.\n First seen: 2020-09-06T03:00:00, Last seen: 2020-11-01T03:00:00.\n IOC tags: **botnet**.\nWe found that the IOC is used by: **mirai**.\nASN 6128: (First IP 24.146.128.0, Last IP 24.146.255.255).\nASN Name \"CABLENET1\" and Organisation \"Cablevision Systems Corp\".\nASN hosts 17015 domains.\nGEO IP information: City \"Dover\", Country \"United States\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-06T00:00:00", "id": "RST:F475756C-5915-3760-A9F3-1B794A3E587D", "href": "", "published": "2021-02-26T00:00:00", "title": "RST Threat feed. IOC: 24.146.218.135", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **uv4[.]eu.api.binance.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-01-17T03:00:00, Last seen: 2021-01-17T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-17T00:00:00", "id": "RST:BA34E493-5915-34C9-937D-93EFBBB5EFC5", "href": "", "published": "2021-02-24T00:00:00", "title": "RST Threat feed. IOC: uv4.eu.api.binance.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 zcashshare.acc-pool.pw** in [RST Threat Feed](https://rstcloud.net/profeed) with score **48**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nDomain has DNS A records: 148[.]251.53.209\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:63597E43-5915-3523-86CE-B951FC45570B", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 zcashshare.acc-pool.pw", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 d80.bw.bw.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nWhois:\n Created: 1993-06-20 23:00:00, \n Registrar: GoDaddycom LLC, \n Registrant: Not Available From Registry.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:A4E12E91-5915-3753-B90B-3A910FC8A5D3", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 d80.bw.bw.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 sftp4-8.binance.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **48**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nDomain has DNS A records: 54[.]95.212.255,54.250.4.108\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:E345174A-5915-3EAF-A44E-4E8459736401", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 sftp4-8.binance.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-23T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0[.]0.0.0 mail.novaco.in** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2021-02-23T03:00:00, Last seen: 2021-02-23T03:00:00.\n IOC tags: **cryptomining**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-23T00:00:00", "id": "RST:DBB78BB6-5915-30BE-8E0D-F07021777DCD", "href": "", "published": "2021-02-23T00:00:00", "title": "RST Threat feed. IOC: 0.0.0.0 mail.novaco.in", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-17T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **ktfqvuqgyqbcosavi[.]eu** in [RST Threat Feed](https://rstcloud.net/profeed) with score **36**.\n First seen: 2021-01-20T03:00:00, Last seen: 2021-02-17T03:00:00.\n IOC tags: **generic**.\nIt was found that the IOC is used by: **necurs**.\nDomain has DNS A records: 47[.]26.42.135\nWhois:\n Created: 1970-01-01 00:00:00, \n Registrar: Namecheap Inc, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-01-20T00:00:00", "id": "RST:18CC501C-5915-3AF3-A81E-2AEFECC8E8E6", "href": "", "published": "2021-02-18T00:00:00", "title": "RST Threat feed. IOC: ktfqvuqgyqbcosavi.eu", "type": "rst", "cvss": {}}, {"lastseen": "2021-02-16T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **https://bankpayee-unauthorise[.]com/login.php** in [RST Threat Feed](https://rstcloud.net/profeed) with score **17**.\n First seen: 2021-02-16T03:00:00, Last seen: 2021-02-16T03:00:00.\n IOC tags: **phishing**.\nIOC could be a **False Positive** (Resource unavailable).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-16T00:00:00", "id": "RST:5CC06F34-5915-3DA3-BB1A-9865E64E69B0", "href": "", "published": "2021-02-17T00:00:00", "title": "RST Threat feed. IOC: https://bankpayee-unauthorise.com/login.php", "type": "rst", "cvss": {}}]}
