CVE-2018-14665 PoC — xorg-x11-server 权限许可和访问控制问题漏洞

Source

https://github.com/bolonobolo/CVE-2018-14665

Associated Vulnerability

Title:xorg-x11-server 权限许可和访问控制问题漏洞 (CVE-2018-14665)
Description:xorg-x11-server是多个厂商操作系统中所捆绑的X窗口系统显示服务器。 xorg-x11-server 1.20.3之前版本中存在安全漏洞。本地攻击者可利用该漏洞提升权限，进而以root权限运行任意代码。

Readme

# CVE-2018-14665
Here you can find my analisys and PoC for most used Linux distribution. <br>
For now i started from Redhat, this is the link for the official RHSA <br>
[RHSA-2018:3410](https://access.redhat.com/errata/RHSA-2018:3410)

File Snapshot


 [4.0K]  /data/pocs/d1002eb3a552384166ef2799ccb01c2558292978
├── [4.0K]  img
│   ├── [3.3K]  console_empty.png
│   ├── [5.0K]  console_ready.png
│   ├── [ 50K]  exploited.png
│   ├── [128K]  login1.png
│   ├── [274K]  login2.png
│   ├── [9.7K]  PAM_xserver.png
│   ├── [ 19K]  RedHat_statement.png
│   ├── [4.8K]  rhel_release.png
│   ├── [7.5K]  rpm-xserver.png
│   ├── [ 29K]  selinux.png
│   ├── [ 15K]  xorg_KO.png
│   ├── [ 86K]  xorg_OK.png
│   └── [ 84K]  xorg_PE.png
├── [ 235]  README.md
└── [4.0K]  redhat
    ├── [2.7K]  PoC.py
    └── [2.6K]  README.md

2 directories, 16 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!