Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora Core 5: FEDORA-2006-172 Critical: Xorg Root Exploit

fedora
Calendar Grey March 20, 2006
Dist Fedora Esm H88
Critical vulnerability patch implemented to mitigate root access threats in X.Org server within Fedora Core 5.
Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team

Summary

X.Org X11 X server

Coverity scanned the X.Org source code for problems and

reported their findings to the X.Org development team. Upon

analysis, Alan Coopersmith, a member of the X.Org

development team, noticed a couple of serious security

issues in the findings. In particular, the Xorg server can

be exploited for root privilege escalation by passing a path

to malicious modules using the -modulepath command line

argument. Also, the Xorg server can be exploited to

overwrite any root writable file on the filesystem with the

-logfile command line argument.

- CVE-2006-0745 (bug 185084)

62c76f10a229a7acb1124f2fcd2bf09bc3d5f9c2 SRPMS/xorg-x11-server-1.0.1-9.src.rpm

b5aaa17856b44f1c9478fb57940053f8853fbdc7 ppc/xorg-x11-server-Xorg-1.0.1-9.ppc.rpm

d522b711623540752dab0285f3e6e9af5957e93e ppc/xorg-x11-server-Xnest-1.0.1-9.ppc.rpm

30d539d1981ee371c3c23d37040f645e18cab3cb ppc/xorg-x11-server-Xdmx-1.0.1-9.ppc.rpm

105129cb3df40edefa427a3079b01723796b78e3 ppc/xorg-x11-server-Xvfb-1.0.1-9.ppc.rpm

47cac9878371cda596282f1312097391b63e6f5c ppc/xorg-x11-server-sdk-1.0.1-9.ppc.rpm

c9b2e112fbb160304fe88687d786f7a296c12e67 ppc/debug/xorg-x11-server-debuginfo-1.0.1-9.ppc.rpm

c1354391868e4d65dec1fde4df901c663977529e x86_64/xorg-x11-server-Xorg-1.0.1-9.x86_64.rpm

4e75a20403dd8aa89b1c40334694b7d7dccfc0db x86_64/xorg-x11-server-Xnest-1.0.1-9.x86_64.rpm

86f7afcdacf79cccdf12f8c013bef03d84a2420b x86_64/xorg-x11-server-Xdmx-1.0.1-9.x86_64.rpm

cf4fb466fe5c3cca5a1360c6f70a7e0b04fa0080 x86_64/xorg-x11-server-Xvfb-1.0.1-9.x86_64.rpm

3448d6e446fdf245b805e731ade54c6801daaa53 x86_64/xorg-x11-server-sdk-1.0.1-9.x86_64.rpm

5a6e70aef827c124c7ef660c544f78def11a498e x86_64/debug/xorg-x11-server-debuginfo-1.0.1-9.x86_64.rpm

dc08e7f253ba49a6bc0ca5b29d988a78b928dba2 i386/xorg-x11-server-Xorg-1.0.1-9.i386.rpm

2235e42c5ffe9255f4cc18f68e19b0652e2a52ec i386/xorg-x11-server-Xnest-1.0.1-9.i386.rpm

0babd4a06f0ac57eb8ea2730022b9cb5e49abe5d i386/xorg-x11-server-Xdmx-1.0.1-9.i386.rpm

4ac6d2ef90052d965f0d23abb27ea5d7128c51c9 i386/xorg-x11-server-Xvfb-1.0.1-9.i386.rpm

afbdac912fa0cc580f18c4ff3eccff444f89595f i386/xorg-x11-server-sdk-1.0.1-9.i386.rpm

b36a9dd6eed098a3c8f55d5415ee07d1a893b5ba i386/debug/xorg-x11-server-debuginfo-1.0.1-9.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory software update Fedora root exploit Xorg server

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xorg-x11-server
Version: 1.0.1
Release: 9
Summary: X.Org X11 X server

Topics%20covered

Topics Covered

security advisory software update Fedora root exploit Xorg server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here