Re: Mac OS X setuid root security hole

• Previous message: Adonis.No.Spam: "Attension acrobat PDF makers, Acrobat PDF protection is not that Secure"
• In reply to: rotaiv: "Mac OS X setuid root security hole"
• Next in thread: Kee Hinckley: "Re: Mac OS X setuid root security hole"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Just verified these steps against OSX Server 10.0.4.

-- 
-Ken Schweigert, Aspiring Network Administrator
Byte Productions, LLC


On Wed, Oct 17, 2001 at 12:53:13PM -0400, rotaiv wrote:
> I can't recall if I have seen this on BugTraq so forgive me if this is an 
> old issue.
> 
> Try these steps on an OS X machine (not logged in as root)
> 
>   - Open up the terminal application
>   - Quit the terminal application
>   - Open up NetInfo Manager (leave it in the foreground)
>   - Open up the Terminal application form the "Recent Items" list in the 
> Apple Menu.
> 
> You should now be logged in as root!
> 
> This was passed on to me from the "Macsec mailing list"
> http://www.macsecurity.org/mailman/listinfo/macsec

• Next message: Trustix Secure Linux Advisor: "TSLSA-2001-0023 - OpenSSH"
• Previous message: Adonis.No.Spam: "Attension acrobat PDF makers, Acrobat PDF protection is not that Secure"
• In reply to: rotaiv: "Mac OS X setuid root security hole"
• Next in thread: Kee Hinckley: "Re: Mac OS X setuid root security hole"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Oct 17 2001 - 16:49:05 PDT