Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
BID:50716
Info
Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
| Bugtraq ID: | 50716 |
| Class: | Design Error |
| CVE: |
CVE-2008-7303 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 09 2008 12:00AM |
| Updated: | Oct 09 2008 12:00AM |
| Credit: | Charlie Miller |
| Vulnerable: |
Apple Mac OS X 10.5.8 Apple Mac OS X 10.5.7 Apple Mac OS X 10.5.6 Apple Mac OS X 10.5.5 Apple Mac OS X 10.5.4 Apple Mac OS X 10.5.3 Apple Mac OS X 10.5.2 Apple Mac OS X 10.5.1 Apple Mac OS X 10.5 Apple Mac OS X 10.5 |
| Not Vulnerable: | |
Discussion
Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
Apple Mac OS X is prone to a remote security-bypass vulnerability.
An attacker can exploit this issue to gain access to certain network resources. Successful exploits will lead to other attacks.
This issue only affects Apple Mac OS X 10.5.
Apple Mac OS X is prone to a remote security-bypass vulnerability.
An attacker can exploit this issue to gain access to certain network resources. Successful exploits will lead to other attacks.
This issue only affects Apple Mac OS X 10.5.
Exploit / POC
Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
An attacker can exploit this issue by constructing a malicious application.
An attacker can exploit this issue by constructing a malicious application.
Solution / Fix
Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
Solution:
Updates are available. Please contact the vendor for more information.
Solution:
Updates are available. Please contact the vendor for more information.
References
Apple Mac OS X 'nonet' and 'nointernet' Sandbox Profile Security Bypass Vulnerability
References:
References:
- Mac OS X Homepage (Apple)
- Owning the Fanboys: Hacking Mac OS X (Charlie Miller)