Apple UserNotificationCenter Local Privilege Escalation Vulnerability
BID:22188
Info
| Bugtraq ID: | 22188 |
| Class: | Design Error |
| CVE: | CVE-2007-0023 |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 22 2007 12:00AM |
| Updated: | Feb 20 2007 08:27PM |
| Credit: | Lance M. Havok (LMH) and Kevin Finisterre reported this issue. |
| Vulnerable: | Apple Mac OS X Server 10.4.8; Apple Mac OS X 10.4.8 |
| Not Vulnerable: | |
Discussion
Apple Mac OS X is prone to a local privilege-escalation vulnerability. This issue stems from a flaw in the UserNotificationCenter application that results in arbitrary code execution with wheel-group privileges.
Exploiting this issue allows local attackers to gain elevated privileges, potentially leading to a complete compromise of affected computers.
This issue affects Apple Mac OS X version 10.4.8; other versions may also be affected.
Exploit / POC
The following exploit code is available:
Solution / Fix
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Apple Mac OS X Server 10.4.8
- Apple SecUpd2007-002Ti.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13013&cat=1&platform=osx&method=sa/SecUpd2007-002Ti.dmg
- Apple SecUpd2007-002Univ.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=13012&cat=1&platform=osx&method=sa/SecUpd2007-002Univ.dmg
Apple Mac OS X 10.4.8
References
References:
- Mac OS X Homepage (Apple)
- MOAB-22-01-2007: Apple UserNotificationCenter Privilege Escalation Vulnerability (LMH and Kevin Finisterre)
- Vulnerability Note VU#315856 - Apple Mac OS X UserNotificationCenter privilege e (US-CERT)