AIX 7.2 TL 1 : xorg (IJ11547)

High Nessus Plugin ID 119630

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4


The remote AIX host is missing a security patch.

Description X.Org X server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of command line parameters. An attacker could exploit this vulnerability using the -modulepath argument or the -logfile argument to overwrite arbitrary files and execute unprivileged code on the system.


Install the appropriate interim fix.

See Also

Plugin Details

Severity: High

ID: 119630

File Name: aix_IJ11547.nasl

Version: 1.8

Type: local

Published: 2018/12/13

Updated: 2019/04/25

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.2

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2018/12/11

Vulnerability Publication Date: 2018/12/11

Exploitable With

Metasploit (Xorg X11 Server SUID logfile Privilege Escalation)

Reference Information

CVE: CVE-2018-14665