TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2018-14665

N/A

Beschreibung

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht10/25/2018
Zuletzt geandert8/29/2025
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

canonical:ubuntu_linuxdebian:debian_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_server_tusredhat:enterprise_linux_workstationx.org:x_server

Schwachen (CWE)

CWE-863

Referenzen

http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html(secalert@redhat.com)
http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html(secalert@redhat.com)
http://www.securityfocus.com/bid/105741(secalert@redhat.com)
http://www.securitytracker.com/id/1041948(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2018:3410(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665(secalert@redhat.com)
https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e(secalert@redhat.com)
https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170(secalert@redhat.com)
https://lists.x.org/archives/xorg-announce/2018-October/002927.html(secalert@redhat.com)
https://security.gentoo.org/glsa/201810-09(secalert@redhat.com)
https://usn.ubuntu.com/3802-1/(secalert@redhat.com)
https://www.debian.org/security/2018/dsa-4328(secalert@redhat.com)
https://www.exploit-db.com/exploits/45697/(secalert@redhat.com)
https://www.exploit-db.com/exploits/45742/(secalert@redhat.com)
https://www.exploit-db.com/exploits/45832/(secalert@redhat.com)
https://www.exploit-db.com/exploits/45908/(secalert@redhat.com)
https://www.exploit-db.com/exploits/45922/(secalert@redhat.com)
https://www.exploit-db.com/exploits/45938/(secalert@redhat.com)
https://www.exploit-db.com/exploits/46142/(secalert@redhat.com)
https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html(secalert@redhat.com)
http://packetstormsecurity.com/files/154942/Xorg-X11-Server-SUID-modulepath-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/155276/Xorg-X11-Server-Local-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/105741(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041948(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:3410(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14665(af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/xorg/xserver/commit/50c0cf885a6e91c0ea71fb49fa8f1b7c86fe330e(af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/xorg/xserver/commit/8a59e3b7dbb30532a7c3769c555e00d7c4301170(af854a3a-2127-422b-91ae-364da2661108)
https://lists.x.org/archives/xorg-announce/2018-October/002927.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201810-09(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3802-1/(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2018/dsa-4328(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45697/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45742/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45832/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45908/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45922/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45938/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/46142/(af854a3a-2127-422b-91ae-364da2661108)
https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.