CVE-2011-4613

Published: 05/02/2014 Updated: 24/08/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 465
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

Vulnerable Products

canonical ubuntu linux 11.10

debian debian linux

ubuntu linux

x.org x server -

canonical ubuntu linux 10.10

canonical ubuntu linux 10.04

canonical ubuntu linux 11.04

Vendor Advisories

Debian Bug report logs - #652249: bypass default security level of the X wrapper. Package: xserver-xorg; Maintainer for xserver-xorg is Debian X Strike Force <debian-x@lists.debian.org>; Source for xserver-xorg is src:xorg (PTS, buildd, popcon). Reported by: vladz <vladz@devzero.fr>. Date: Thu, 15 Dec 2011 18:06:02 UTC ...
X could be made to start by a user who lacked appropriate permissions ...
The Debian X wrapper enforces that the X server can only be started from a console. vladz discovered that this wrapper could be bypassed. The oldstable distribution (lenny) is not affected. For the stable distribution (squeeze), this problem has been fixed in version 7.5+8+squeeze1. For the unstable distribution (sid), this problem has been fixed i ...

Exploits

/* xchmod.c -- Xorg file permission change vulnerability PoC. Author: vladz (vladz@devzero.fr). Date: 2011/12/15. Software: www.x.org. Version: Xorg 1.4 to 1.11.2 in all configurations; Xorg 1.3 and earlier if built with the USE_CHMOD preprocessor identifier. Tested on: Debian 6.0.2 up to date with X defa ...
This proof of concept exploit sets permissions to 444 on an arbitrary file specified as an argument by leveraging SIGSTOP/SIGCONT signals and the Inotify API to win a race condition in X ...