Rent a car today and get the best possible rates
Today's Fresh Blogs...| MOAB-28-01-2007: Apple crashdump Privilege Escalation Vulnerability |
| Published: January 28, 2007, 6:54 pm |
| Tags: Privilege Escalation |
| files with elevated privileges. In couple with a specially crafted Mach-O binary, this can be used to write a malicious crontab entry, which will run with root privileges.Apple crashdump Privilege Escalation VulnerabilityExploit: MOAB-28-01-2007.rb and |
 Comments (0)
 Blog link
Rating: 0 
|
| MOAB-22-01-2007: Apple UserNotificationCenter Privilege Escalation Vulnerability |
| Published: January 22, 2007, 11:05 pm |
| Tags: Privilege Escalation |
| manager will run under wheel privileges. In combination with diskutil and a wheel-writable setuid binary, this allows unprivileged users to gain root privileges.Further information:Apple UserNotificationCenter Privilege Escalation VulnerabilityExploit: MOAB-22-01-2007.rbUpdate: updated exploit (now fat binaries are used, thus |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability |
| Published: January 21, 2007, 4:19 pm |
| Tags: Privilege Escalation |
| under root privileges.Further information:System Preferences writeconfig Local Privilege Escalation VulnerabilityExploit: MOAB-21-01-2007.rbThis week will be a really interesting one."Also, I'm pretty sure the SoD realized that writing to an SUID executable clears the SUID bit." -- Thomas Ptacek, Matasano.Actually, the problem |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-18-01-2007: Rumpus Multiple Vulnerabilities |
| Published: January 18, 2007, 2:42 pm |
| Tags: Heap Buffer Overflow, Remote, Privilege Escalation |
| service conditions and local privilege escalation issues. Due to the fact that Rumpus works under root privileges, successful exploitation by unprivileged users would allow a full compromise of the system. Most of these issues are related to both FTP and HTTP request parsing, as well as insecure use of the system() function |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-17-01-2007: Apple SLP Daemon Service Registration Buffer Overflow Vulnerability |
| Published: January 18, 2007, 2:16 am |
| Tags: Remote, Privilege Escalation, Memory Corruption |
| execution. It would allow unprivileged local (and possibly remote) users to execute arbitrary code under root privileges.For further information:Apple SLP Daemon Service Registration Buffer Overflow VulnerabilityProof of concept: MOAB-17-01-2007.rbThis issue was reported to Apple on 8/2/06 5:31 |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-15-01-2007: Multiple Mac OS X Local Privilege Escalation Vulnerabilities |
| Published: January 15, 2007, 7:00 pm |
| Tags: Flawed Design, Privilege Escalation, Diskutil |
| OS X installation), allowing privilege escalation. A malicious user can overwrite the binaries and perform a disk permissions repair operation via the diskutil tool, effectively setting back the default ownership and permissions (root setuid).Further information:MOAB-15-01-2007Exploit: MOAB-15-01-2007.rbThanks to Ian Silvester for |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-14-01-2007: AppleTalk ATPsndrsp() Heap Buffer Overflow Vulnerability |
| Published: January 14, 2007, 11:30 pm |
| Tags: Appletalk, Heap Buffer Overflow, Privilege Escalation, Kernel |
| code execution by unprivileged users.For further information: AppleTalk ATPsndrsp() Heap Buffer Overflow VulnerabilityProof of concept: MOAB-14-01-2007.cMore to come. In case you want to support the project, consider a donation for the 'get a mini' fund-raising :-). As soon as it gets worked out, advertisement should probably vanish. |
|
Comments (0)
Blog link
Rating: 0
|
| MOAB-08-01-2007: Application Enhancer (APE) Local Privilege Escalation |
| Published: January 8, 2007, 7:18 pm |
| Tags: Privilege Escalation, Ape |
| binary is executed with root privileges and drops them (via setuid to current user id), but the file is actually writable, as well as the whole tree under /Library/Frameworks, allowing the mentioned condition to be abused for privilege escalation.Further information:Application Enhancer (APE) Local Privilege EscalationMandatory |
|
Comments (0)
Blog link
Rating: 0
|
