Exploiting large memory management vulnerabilities in Xorg server running on Linux
Page 1 of 1
Exploiting large memory management vulnerabilities in Xorg server running on Linux
A malicious authenticated client can force Xorg server to exhaust (or fragment) its address space. If running on Linux,this may result in the process stack top being in an unexpected region and execution of arbitrary code with server priv-ileges (root).x86 32 and x86 64 platforms are aected, others most probably are aected,too.Note that depending on the system con guration, by default local unpriv-ileged users may be able to start an instance of Xorg server that requires no authentication and exploit it.Also if a remote attacker exploits a (unrelated) vulnerability in a GUI application (e.g. web browser),he will have ability to attack X server.
In case of a local attacker that can use MIT-SHM extension (which is the most likely scenario),the exploit is very reliable.Identi er CVE-2010-2240 has been reserved for the underlying issue (Linux kernel not providing stack and heap separation).This issue has been known for at least five years.
Download PDF
In case of a local attacker that can use MIT-SHM extension (which is the most likely scenario),the exploit is very reliable.Identi er CVE-2010-2240 has been reserved for the underlying issue (Linux kernel not providing stack and heap separation).This issue has been known for at least five years.
Download PDF
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» How to install and configure IP version 6 in Windows Server 2003 Enterprise Server
» Understanding System Memory and CPU speeds
» Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
» Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
» Bypassing Browser Memory Protections
» Understanding System Memory and CPU speeds
» Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
» Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection
» Bypassing Browser Memory Protections
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum