Full Disclosure mailing list archives

Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: ph0enix <ph0enix () justonemorething org>
Date: Thu, 19 May 2005 14:31:43 +0200

widget.system("sudo id >> /tmp/out", null);

ok, but this is not only specific to Dashboard widgets or Mac OS X 10.4. This is also possible with every other malicious application which waits in the background until the user hits the sudo command to elevate its privileges. Also, if you remove the password grace period in the /etc/sudoers file, the trick will not work.

www.osvdb.org -- everything is vulnerable.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
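
The password grace period mentioned in the message above is controlled by the sudoers option `timestamp_timeout`. The following check is an added example, not part of the original message: it reads a sudoers-style file and reports whether that window is open. The function names are hypothetical, and it assumes sudo's usual compiled-in default of 5 minutes when the option is not set.

```shell
#!/bin/sh
# Added example: audit a sudoers-style file for the password grace period.
# Assumption: a 5 minute default applies when no global
# "Defaults timestamp_timeout=" setting is present.

# Print the effective global timestamp_timeout (minutes) for the given file.
sudo_grace_minutes() {
    awk '
        /^[ \t]*#/ { next }                    # skip comments
        /^[ \t]*Defaults[ \t]/ {               # global Defaults only
            line = $0
            sub(/^[ \t]*Defaults[ \t]+/, "", line)
            n = split(line, opts, ",")
            for (i = 1; i <= n; i++) {
                gsub(/[ \t]/, "", opts[i])
                if (opts[i] ~ /^timestamp_timeout=/) {
                    sub(/^timestamp_timeout=/, "", opts[i])
                    val = opts[i]               # last match wins, as in sudo
                }
            }
        }
        END { print (val == "" ? 5 : val) }
    ' "$1"
}

# Classify the setting: "disabled" means every sudo call prompts, so a
# background process cannot reuse the recent authentication of the user.
sudo_grace_verdict() {
    m=$(sudo_grace_minutes "$1")
    case "$m" in
        0|0.0)  echo "disabled" ;;
        -*)     echo "never-expires" ;;
        *)      echo "open-for-${m}-min" ;;
    esac
}

# Constructed sample input (not taken from a real system).
sample=$(mktemp)
printf '%s\n' '# sudoers sample' 'Defaults env_reset, timestamp_timeout=0' \
    '%admin ALL=(ALL) ALL' > "$sample"
sudo_grace_verdict "$sample"
rm -f "$sample"
```

Only global `Defaults` lines are considered; per-user or per-host overrides such as `Defaults:alice` are ignored by this check and need separate review.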
