Title: MacOS X NetInfo Manager Privilege Escalation Vulnerability
Severity: MODERATE
Description:
MacOS X is prone to an issue that allows a local attacker to gain root privileges on the host.
When a user executes a program, the application is added as a 'Recent Item' in NetInfo Manager. This feature allows users to quickly re-run the program from the 'Recent Items' menu.
NetInfo Manager, which runs as root, does not drop superuser privileges when it spawns applications in the 'Recent Items' list. As a result, an attacker can have arbitrary programs executed with root privileges.
This is especially dangerous if MacOS X is run in a multi-user environment because any local user can exploit this issue to gain root privileges. Otherwise, the attacker would need physical access to the host.
This problem is not exclusive to the 'Recent Items' list. The 'Services' menu is also prone to this issue.
Affected Products:
- Apple Mac OS X 10.0.0
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.1.0