Computer Security
[EN] no-pyccku

Mac OS X crashdump symbolic links security vulnerability
SecurityVulns ID:7127
Threat Level:
Description:Symbolic links problem on creating dump file in user's home. Allows admin group user to escalate privileges to root.
Affected:APPLE : Mac OS X 10.4
CVE:CVE-2007-0467 (crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/.)
Original documentdocumentMOAB, MOAB-28-01-2007: Apple crashdump Privilege Escalation Vulnerability (29.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod