Lucene search
SAINT CorporationSAINT:873E9FF0B4253467D5A57756F0952B39HistoryApr 14, 2015 - 12:00 a.m.
OS X rootpipe privilege elevation
2015-04-1400:00:00
SAINT Corporation
www.saintcorporation.com
21
0.0005 Low
EPSS
Percentile
14.6%
Added: 04/14/2015
CVE: CVE-2015-1130
BID: 73982
OSVDB: 120418
Background
OS X is an operating system for Mac computers.
Problem
The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges.
Resolution
Upgrade to OS X 10.10.3 or apply security update 2015-004.
References
<https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/>
Limitations
Exploit works on OS X 10.10 and requires an existing unprivileged connection.
Platforms
Mac OS X
Related
seebug
seebug
Mac OS X < 10.7.5, 10.8.2, 10.9.5 10.10.2 - rootpipe 本地提权漏洞
2015-09-10 00:00:00
saint
saint
OS X rootpipe privilege elevation
2015-04-14 00:00:00
OS X rootpipe privilege elevation
2015-04-14 00:00:00
OS X rootpipe privilege elevation
2015-04-14 00:00:00
metasploit
metasploit
Apple OS X Rootpipe Privilege Escalation
2015-04-10 16:22:00
zdt
zdt
Mac OS X rootpipe Local Privilege Escalation Exploit
2015-04-09 00:00:00
Mac OS X Rootpipe Privilege Escalation Exploit
2015-04-12 00:00:00
packetstorm
packetstorm
Mac OS X Rootpipe Privilege Escalation
2015-04-10 00:00:00
Mac OS X rootpipe Local Privilege Escalation
2015-04-09 00:00:00
canvas
canvas
Immunity Canvas: ROOTPIPE
2015-04-10 14:59:00
thn
thn
Apple Failed to Patch Rootpipe Mac OS X Yosemite Vulnerability
2015-04-20 23:31:00
cve
cve
CVE-2015-1130
2015-04-10 14:59:00
cisa_kev
cisa_kev
Apple OS X Authentication Bypass Vulnerability
2022-02-10 00:00:00
exploitpack
exploitpack
attackerkb
attackerkb
CVE-2015-1130
2015-04-10 00:00:00
prion
prion
Authentication flaw
2015-04-10 14:59:00
exploitdb
exploitdb
cisa
cisa
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-02-10 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 Apr15
2015-04-24 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
2015-04-09 00:00:00
Apple Mac OS X multiple security vulnerabilities
2015-04-13 00:00:00
nessus
nessus
Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)
2015-04-10 00:00:00