Mac OS X Kernel Mach Exception Ports Local Privilege Escalation

2006-09-27T16:18:57
ID OSVDB:29269
Type osvdb
Reporter Dino Dai Zovi
Modified 2006-09-27T16:18:57

Description

Vulnerability Description

Mac OS X contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the exception handling mechanism for a privileged program is subverted by a local user who has access to the privileged program, such as a SUID binary. This flaw may lead to a loss of integrity.

Solution Description

Upgrade to version 10.4.8 or higher, as it has been reported to fix this vulnerability. Apple has also supplied Security Update 2006-006 for Mac OS 10.3.9. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://docs.info.apple.com/article.html?artnum=304460
Secunia Advisory ID: 22187
Related OSVDB ID: 29268
Related OSVDB ID: 29273
Related OSVDB ID: 29270
Related OSVDB ID: 29276
Related OSVDB ID: 29267
Related OSVDB ID: 29271
Related OSVDB ID: 29272
Related OSVDB ID: 29274
Related OSVDB ID: 29275
Other Advisory URL: http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0505.html
CVE-2006-4392