info@cirt.gov.bd
+88-02-550071 83-86
Facebook Page LinkedIn Page Twitter Page

New Privilege Escalation Flaw Affects Most Linux Distributions [source: thehackernews]

by
29 Oct 2018
in News Clipping
No Comments
1505

An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora.

Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It serves as an intermediary between client and user applications to manage graphical displays.

According to a blog post published by software security engineer Narendra Shinde, Xorg X server doesn’t correctly handle and validate arguments for at least two command-line parameters, allowing a low-privileged user to execute malicious code and overwrite any file—including files owned by privileged users like root.

The flaw, tracked as CVE-2018-14665, was introduced in X.Org server 1.19.0 package that remained undetected for almost two years and could have been exploited by a local attacker on the terminal or via SSH to elevate their privileges on a target system.

For more, click here.

Share

Recommended Posts