Intego Announces a New Apple Remote Desktop Vulnerability

20.06.2008 13:50 Uhr, Quelle: Hardmac.com

Intego reports to has identified a new vulnerability in Mac OS X 10.4 and 10.5 which is linked to the application Apple Remote Desktop. According to Intego, the ARD vulnerability would allow malicious programs to execute code as Root without requiring a password: A vulnerability has been discovered that allows malicious programs to execute code as root when run locally, or via a remote connection, on computers running Mac OS X 10.4 and 10.5. This vulnerability takes advantage of the fact that ARDAgent, a part of the Remote Management component of Mac OS X 10.4 and 10.5, has a setuid bit set. Any user running such an executable gains the privileges of the user who owns that executable. In this case, ARDAgent is owned by root, so running code via the ARDAgent executable runs this code as root, without requiring a password. The exploit in question depends on ARDAgents ability to run AppleScripts, which may, in turn, include sh

Weiterlesen bei Hardmac.com

Mo	Di	Mi	Do	Fo	Sa	So
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30

Mo	Di	Mi	Do	Fo	Sa	So
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31

Archiv