You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2006-04-25 00:42:35
- user
- Member
- Registered: 2006-03-29
- Posts: 465
[solved]X org
X.Org 6.9.0/7.0
*
March 20, 2006 - A security vulnerability has been found in the X.Org server as shipped with X11R6.9.0 and X11R7.0 (xorg-server 1.0.0 and 1.0.1) -- this is CVE-2006-0745. Local users were able to escalate privileges to root and cause a DoS if the Xorg server was installed setuid root (the default). Note that earlier releases are not vulnerable. Please see the advisory for more information. Patches are available for X11R6.9.0 and X11R7.0. If you are running X11R7.0, you can upgrade xorg-server to 1.0.2 (release announcement, download).
I removed my sig, cause i select the flag, the flag often the target of enemy.
SAR brain-tumor
[img]http://img91.imageshack.us/img91/460/cellphonethumb0ff.jpg[/img]
Offline
#2 2006-04-25 00:58:05
- Gullible Jones
- Member
- Registered: 2004-12-29
- Posts: 4,863
Re: [solved]X org
Solved already.
[proteus@localhost ~]$ pacman -Q xorg-server
xorg-server 1.0.2-1Offline
#3 2006-04-25 01:20:08
- user
- Member
- Registered: 2006-03-29
- Posts: 465
Re: [solved]X org
emm, sorry
PS: how funny it is, see the patch
--- hw/xfree86/common/xf86Init.c.orig 2006-03-17 23:31:45.000000000 +0200
+++ hw/xfree86/common/xf86Init.c 2006-03-17 23:32:03.000000000 +0200
@@ -1377,7 +1377,7 @@
}
/* First the options that are only allowed for root */
- if (getuid() == 0 || geteuid != 0)
+ if (getuid() == 0 || geteuid() != 0)
{
if (!strcmp(argv[i], "-modulepath"))
{
@@ -1677,7 +1677,7 @@
}
if (!strcmp(argv[i], "-configure"))
{
- if (getuid() != 0 && geteuid == 0) {
+ if (getuid() != 0 && geteuid() == 0) {
ErrorF("The '-configure' option can only be used by root.n");
exit(1);
}I removed my sig, cause i select the flag, the flag often the target of enemy.
SAR brain-tumor
[img]http://img91.imageshack.us/img91/460/cellphonethumb0ff.jpg[/img]
Offline
Pages: 1