Full Disclosure: Re: Mac OS X - malloc() local privilege escalation vulnerability.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Mac OS X - malloc() local privilege escalation vulnerability.

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Mon, 26 Sep 2005 20:02:46 +0400

Dear [ Suresec Advisories ],

Well...  another  one reason to do not write messages in HTML - the link
points  to  adv6.pdf  instead of adv7.pdf while the text is correct. Let
readers  to  choose  font  and  colors to read your message, write it in
plain text.

-- 
~/ZARAZA
http://www.security.nnov.ru/

--Sunday, September 25, 2005, 4:34:26 PM, you wrote to full-disclosure () lists grok org uk:

SA> Suresec Security Advisory - #00007 

SA> 25/09/2005





SA> Mac OS X - malloc() insecure use of environment variable.
SA>  Advisory: http://www.suresec.org/advisories/adv7.pdf 

SA> Description: 

SA> The malloc() function on Mac OS X insecurely trusts a debug
SA> variable, regardless of the fact that the calling application may be
SA> suid root.

SA> This can result in an arbitrary file being overwritten, which
SA> can be used to escalate privileges.  

SA> This vulnerability was discovered by Ilja van Sprundel. 







_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Mac OS X - malloc() local privilege escalation vulnerability. [ Suresec Advisories ] (Sep 25)
- Re: Mac OS X - malloc() local privilege escalation vulnerability. 3APA3A (Sep 26)