[X-Unix] Root Exploit via sudo
Our PAl Al
opa at nyc.rr.com
Thu Apr 7 09:08:03 PDT 2005
Just got this on the BugTraqMac list. Definitely relevant for here.
> +++++
>
> There is a warning out about a potentially very serious security
> vulnerability in OS X. The vulnerability would allow a Trojan Horse to
> gain root access without the need for user authentication.
>
> The good news is that the vulnerability is easily patched.
>
> The bad news is that Apple doesn't feel that it is a problem that they
> have to deal with.
>
> See:
> <http://www.securityfocus.com/archive/1/395107/2005-04-03/2005-04-09/0>
> Summary:
> OSX can be root compromised by a trojan application. The trojan
> application does not require explicit user authentication to elevate its
> privileges to root, nor does the root account need to be enabled. The
> Trojan application must be run from an account that is in the admin group,
> which is the default for the first account created and the context in
> which most users run. Once executed, the trojan application must only
> wait until the user leverages the sudo utility, either at the command line
> or by another application that leverages sudo to elevate it's privileges.
<snip>
More information about the X-Unix
mailing list