Mac OS X Default Directory Copy Permissions May Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID: 1008017
CVE Reference: CAN-2003-0876
Date: Oct 28 2003
Impact: Modification of system information, Modification of user information, Root access via local system, User access via local system
Fix Available: Yes
Vendor Confirmed: Yes
Advisory: @Stake - L0pht
Version(s): Mac OS X 10.2.8 and below
Description: Several file permission vulnerabilities were reported in Mac OS X. A local user may be able to gain elevated privileges on the target system.
@stake reported that many applications install files and directories with globally writable permissions. A variety of applications are reported to be affected, but @stake did not disclose which ones.
It is also reported that there is a flaw in the operating system. When a user drags a directory from a DMG disk image, the destination directory is reportedly configured with read, write, and execute permissions, regardless of the original permissions on the source directory.
Impact: A local user may be able to replace an application binary with a modified binary to gain elevated privileges when a target user attempts to execute the application.
Solution: The vendor has released a fixed version of Mac OS X (10.3). In the fixed version, Finder will reportedly preserve the permissions on copied folders.
For more information, visit:
http://www.apple.com/macosx/
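The permission condition described above can be audited from a script. The following Python example is added here and is not part of the @stake advisory or Apple's fix; it goes slightly beyond the text by also flagging executables that sit in a world-writable directory without the sticky bit, since those can be replaced even when their own mode is tight. The function names and the Loose.app/Tight.app sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_tree(root):
    """Return sorted (relative_path, reason) findings for entries under root
    that any local user could modify or replace."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow symlinks
        dmode = os.lstat(dirpath).st_mode
        # A world-writable directory without the sticky bit lets any user
        # unlink or rename its entries, whatever the entries' own modes are.
        open_dir = bool(dmode & stat.S_IWOTH) and not (dmode & stat.S_ISVTX)
        if dmode & stat.S_IWOTH:
            findings.append((os.path.relpath(dirpath, root), "world-writable directory"))
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, devices
            rel = os.path.relpath(path, root)
            if st.st_mode & stat.S_IWOTH:
                findings.append((rel, "world-writable file"))
            elif open_dir and st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                findings.append((rel, "executable replaceable via parent directory"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: one bundle copied with open modes, one with tight modes."""
    for app, dir_mode in (("Loose.app", 0o777), ("Tight.app", 0o755)):
        macos = os.path.join(root, app, "Contents", "MacOS")
        os.makedirs(macos)
        binary = os.path.join(macos, "tool")
        with open(binary, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(binary, 0o755)
        for d in (macos, os.path.dirname(macos), os.path.join(root, app)):
            os.chmod(d, dir_mode)  # chmod explicitly so the umask does not matter

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_tree(tmp):
            print(f"{reason}: {rel}")
```

Pointing audit_tree at a directory where copied applications live lists the entries whose modes should be tightened.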
Vendor URL: www.apple.com/
Cause: Configuration error
Underlying OS: UNIX (Mac OS X)
OS Comments: 10.2.8 and below
Reported By: "@stake Advisories" <advisories@atstake.com>
Message History: None.