MOAB-08-01-2007: Application Enhancer (APE) Local Privilege Escalation

Published: January 8, 2007, 7:18 pm

Application Enhancer (APE) is affected by different issues, one of them is a local privilege escalation vulnerability which allows local users to gain root privileges in the system by either patching the ApplicationEnhancer binary or replacing it. This binary is executed with root privileges and drops them (via setuid to current user id), but the file is actually writable, as well as the whole tree under /Library/Frameworks, allowing the mentioned condition to be abused for privilege escalation.Further information:Application Enhancer (APE) Local Privilege EscalationMandatory exploit: exploit-of-the-apes.rbUpdate: We just received an e-mail suggesting that Unsanity might have fixed this issue silently (replacing their available DMG of the 2.0.2 release with a new one). Until we verify that, we can't assume they really did it (which would be the most probable reaction at their side, though). A short (yet detailed) explanation is available at the MoAB Fixes Google

[ Full article ]

Blog link

Rating: 0

Comments