Computer Security
[EN] no-pyccku

Apple MacOS X Xcode OpenBase SQL privilege escalation
updated since 16.10.2006
SecurityVulns ID:6724
Threat Level:
Description:On executing tar from suid root application TAR_OPTIONS environment variable is not unset, making it possible to execute any application with root privileges. External application are executed with relative path. Dynamic libraries are loaded with relative path. Symbolic links problem.
Affected:XCODE : Xcode OpenBase 9.1
 XCODE : Xcode OpenBase 10.0
Original documentdocumentKevin Finisterre, [Full-disclosure] OpenBase SQL multiple vulnerabilities Part Deux (08.11.2006)
Files:Xcode OpenBase <= 9.1.5 Local Root Exploit (OSX)
 Exploits XCode OpenBase SQL unsafe system() call
 Exploits XCode OpenBase SQL symlink

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod