Unrated severityNVD Advisory· Published Mar 21, 2006· Updated Apr 16, 2026
CVE-2006-0745
CVE-2006-0745
Description
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
Affected products
8cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*
- cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*
- cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- www.securityfocus.com/bid/17169nvdExploitPatch
- secunia.com/advisories/19256nvd
- secunia.com/advisories/19307nvd
- secunia.com/advisories/19311nvd
- secunia.com/advisories/19316nvd
- secunia.com/advisories/19676nvd
- securityreason.com/securityalert/606nvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2006-078.htmnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_16_xorgx11server.htmlnvd
- www.osvdb.org/24000nvd
- www.osvdb.org/24001nvd
- www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.htmlnvd
- www.securityfocus.com/archive/1/428183/100/0/threadednvd
- www.securityfocus.com/archive/1/428230/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1017nvd
- www.vupen.com/english/advisories/2006/1028nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25341nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697nvd
News mentions
0No linked articles in our index yet.