Mac OS X setuid root security hole

• Previous message: TAKAGI, Hiromitsu: "Mac OS X v10.0.x J2SE v1.3 clipboard tapping vulnerability"
• In reply to: X-Force: "ISS Security Advisory: Citrix MetaFrame Remote Denial of Service Vulnerability"
• Next in thread: Florian Kohl: "Re: Mac OS X setuid root security hole"
• Reply: Florian Kohl: "Re: Mac OS X setuid root security hole"
• Reply: Chris Adams: "Re: Mac OS X setuid root security hole"
• Reply: Ken Schweigert: "Re: Mac OS X setuid root security hole"
• Reply: Kee Hinckley: "Re: Mac OS X setuid root security hole"
• Reply: Chris Adams: "Re: Mac OS X setuid root security hole"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I can't recall if I have seen this on BugTraq so forgive me if this is an 
old issue.

Try these steps on an OS X machine (not logged in as root)

  - Open up the terminal application
  - Quit the terminal application
  - Open up NetInfo Manager (leave it in the foreground)
  - Open up the Terminal application form the "Recent Items" list in the 
Apple Menu.

You should now be logged in as root!

This was passed on to me from the "Macsec mailing list"
http://www.macsecurity.org/mailman/listinfo/macsec

• Next message: Florian Kohl: "Re: Mac OS X setuid root security hole"
• Previous message: TAKAGI, Hiromitsu: "Mac OS X v10.0.x J2SE v1.3 clipboard tapping vulnerability"
• In reply to: X-Force: "ISS Security Advisory: Citrix MetaFrame Remote Denial of Service Vulnerability"
• Next in thread: Florian Kohl: "Re: Mac OS X setuid root security hole"
• Reply: Florian Kohl: "Re: Mac OS X setuid root security hole"
• Reply: Chris Adams: "Re: Mac OS X setuid root security hole"
• Reply: Ken Schweigert: "Re: Mac OS X setuid root security hole"
• Reply: Kee Hinckley: "Re: Mac OS X setuid root security hole"
• Reply: Chris Adams: "Re: Mac OS X setuid root security hole"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 10:53:41 PDT