CVE-2011-4029

X.Org xorg 1.4 < 1.11.2 - File Permission Change

Severity Score

1.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to change the permissions of arbitrary files to 444, read those files, and possibly cause a denial of service (removed execution permission) via a symlink attack on a temporary lock file.

La función LockServer en os/utils.c en xserver X.Org antes de v1.11.2 permite a los usuarios locales cambiar los permisos de archivos de su elección a 444, leer los archivos, y posiblemente causar una denegación de servicio (por permiso retirado de ejecución) a través de un ataque de enlace simbólico a un archivo de bloqueo temporal.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

Attack Vector

Local

Attack Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-10-09 CVE Reserved
2011-10-18 CVE Published
2011-10-28 First Exploit
2023-03-08 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CAPEC

References (8)

URL	Tag	Source
http://lists.freedesktop.org/archives/xorg/2011-October/053680.html	Mailing List

URL	Date	SRC
https://www.exploit-db.com/exploits/18040	2011-10-28

URL	Date	SRC
http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4	2020-08-24

URL	Date	SRC
http://rhn.redhat.com/errata/RHSA-2012-0939.html	2020-08-24
http://secunia.com/advisories/46460	2020-08-24
http://secunia.com/advisories/49579	2020-08-24
https://access.redhat.com/security/cve/CVE-2011-4029	2012-06-19
https://bugzilla.redhat.com/show_bug.cgi?id=745024	2012-06-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
X.org Search vendor "X.org"		X Server Search vendor "X.org" for product "X Server"				<= 1.11.1 Search vendor "X.org" for product "X Server" and version " <= 1.11.1"		-		Affected
X.org Search vendor "X.org"		X Server Search vendor "X.org" for product "X Server"				1.11.0 Search vendor "X.org" for product "X Server" and version "1.11.0"		-		Affected