aru Posted March 20, 2006 Report Share Posted March 20, 2006 Mandriva Advisories MDKSA-2006:056 : xorg-x11 Updated xorg-x11 packages to address local root vuln March 20th, 2006 Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have been patched to correct these issues. The released versions of Mandriva GNU/Linux affected are: 2006.0Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:056 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0745 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts