[Tfug] Root exploit for Mac OS X

Jim Secan jim at nwra.com
Fri Jun 20 07:29:02 MST 2008

There was a lot of discussion about this yesterday on /.


At 07:21 AM 06/20/2008 -0700, you wrote:
>'Tain't FOSS but it's often discussed here.  Just came across this little
>------- Included Stuff Follows -------
>Root exploit for Mac OS X
>    A vulnerability in Mac OS X 10.4 and 10.5 makes it easy for potential 
>    attackers to obtain root rights to a system. The ARDAgent - Apple Remote 
>    Desktop - part of Remote Management has the SUID bit set. ARDAgent is
>    to run AppleScript with root rights and these, in turn, may contain
>    commands - all without requiring a password.
>    To demonstrate the problem as a standard user or guest on a computer,
>    osascript -e 'tell app "ARDAgent" to do shell script "whoami"'; into the 
>    console. Physical access to a system is not required for an attack to be 
>    successful. In principle, the exploit will also work remotely, say on a 
>    server on which a user has a restricted account with SSH access.
>--------- Included Stuff Ends ---------
>More details and links here:
>Tucson Free Unix Group - tfug at tfug.org
>Subscription Options:
| Jim Secan           | Northwest Research Assoc, Inc |
| (jim at nwra.com)      | 2455 E. Speedway, Suite 204   |
| (520) 319-7773      | Tucson, Arizona 85719         |

More information about the tfug mailing list