[Tfug] Root exploit for Mac OS X

Jim Secan jim at nwra.com
Fri Jun 20 07:29:02 MST 2008


There was a lot of discussion about this yesterday on /.

Jim

At 07:21 AM 06/20/2008 -0700, you wrote:
>'Tain't FOSS but it's often discussed here.  Just came across this little
gem:
>
>------- Included Stuff Follows -------
>Root exploit for Mac OS X
>
>    A vulnerability in Mac OS X 10.4 and 10.5 makes it easy for potential 
>    attackers to obtain root rights to a system. The ARDAgent - Apple Remote 
>    Desktop - part of Remote Management has the SUID bit set. ARDAgent is
able 
>    to run AppleScript with root rights and these, in turn, may contain
shell 
>    commands - all without requiring a password.
>
>    To demonstrate the problem as a standard user or guest on a computer,
type 
>    osascript -e 'tell app "ARDAgent" to do shell script "whoami"'; into the 
>    console. Physical access to a system is not required for an attack to be 
>    successful. In principle, the exploit will also work remotely, say on a 
>    server on which a user has a restricted account with SSH access.
>
>--------- Included Stuff Ends ---------
>More details and links here:
>http://www.heise-online.co.uk/security/Root-exploit-for-Mac-OS-X--/news/110
968
>
>
>
>_______________________________________________
>Tucson Free Unix Group - tfug at tfug.org
>Subscription Options:
>http://www.tfug.org/mailman/listinfo/tfug_tfug.org
>
*---------------------*-------------------------------*
| Jim Secan           | Northwest Research Assoc, Inc |
| (jim at nwra.com)      | 2455 E. Speedway, Suite 204   |
| (520) 319-7773      | Tucson, Arizona 85719         |
*---------------------*-------------------------------*




More information about the tfug mailing list