Xcode OpenBase 10.0.0 (OSX) - Symlink Privilege Escalation

!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b = split/:/,$tgts"$target"; print " Target: $a $b\n";...

Xcode OpenBase 10.0.0 (OSX) - Unsafe System Call Privilege Escalation

Xcode OpenBase 10.0.0 OSX - Unsafe System Call Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a - $b\n"; print "\n"; exit 1; $ret =...

Xcode OpenBase <= 10.0.0 (unsafe system call) Local Root Exploit (OSX)

Exploit for macOS platform in category local exploits ====================================================================== Xcode OpenBase \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a - $b\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b =...

Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)

Exploit for macOS platform in category local exploits =========================================================== Xcode OpenBase \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b =...

[Full-disclosure] OpenBase SQL multiple vulnerabilities Part Deux

DMA2006-1107a - 'OpenBase SQL multiple vulnerabilities Part Deux' Author: Kevin Finisterre Vendors: http://www.openbase.com Product: 'OpenBase SQL =10.0 ?' References: http://www.digitalmunition.com/DMA2006-1107a.txt Description: regurgitation warning - this may taste VERY familiar For over a...

Apple MacOS X Xcode OpenBase SQL privilege escalation

On executing tar from suid root application TAROPTIONS environment variable is not unset, making it possible to execute any application with root privileges. External application are executed with relative path. Dynamic libraries are loaded with relative path. Symbolic links problem...

Xcode OpenBase &lt;= 9.1.5 Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will This is an exploit for a 3rd party program that has...

Apple Xcode WebObjects插件权限提升漏洞

Xcode是苹果机器上所使用的开发工具。 Xcode在以高权限调用外部工具时存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 Xcode需要使用OpenBase技术为WebObjects组件提供额外的功能。OpenBase库在调用/Library/OpenBase/bin/gnutar时没有正确地使用setuid权限，在以euid=0运行OpenBase时调用了gnutar。通过使用TAROPTIONS环境变量就可以强制gnutar没有指定路径便调用gzip，因此攻击者可以通过控制PATH变量获得root权限。 Apple XCode 2.2 OpenBase OpenBase...

CVE-2006-5328

OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file...

CVE-2006-5327

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain...

CVE-2006-5328

OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file...

CVE-2006-5328

OpenBase SQL 10.0 and earlier (as used in Apple Xcode 2.2 and earlier) is affected by a local privilege escalation vulnerability where an attacker can create arbitrary files via a symlink attack on the simulation.sql file. The root cause is a symlink handling flaw that allows a local user to leve...

CVE-2006-5327

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain...

CVE-2006-5327

CVE-2006-5327 describes an untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, including usage in Apple Xcode 2.2 and earlier. A local attacker can execute arbitrary code by placing a malicious gzip executable on a modified PATH, which is then invoked by gnutar under certain TAR...

Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation

Xcode OpenBase 9.1.5 OSX - Root File Create Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file...

Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation

!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file anywhere on the filesystem with rw-rw-rw privs. Sorry you can NOT...

Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)

Exploit for macOS platform in category local exploits =================================================================== Xcode OpenBase = 9.1.5 root file create Local Root Exploit OSX =================================================================== !/usr/bin/perl http://www.digitalmunition.co...

Xcode OpenBase &lt;= 9.1.5 (root file create) Local Root Exploit (OSX)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will Create a new file anywhere on the filesystem with...

Xcode OpenBase 9.1.5 (OSX) - Local Privilege Escalation

Xcode OpenBase 9.1.5 OSX - Local Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom http://docs.info.apple.com/article.html?artnum=61798 This won't help ftp://www.openbase.com/pub/OpenBase10.0 This will This is an exploit for a 3rd part...

Xcode OpenBase <= 9.1.5 Local Root Exploit (OSX)

Exploit for macOS platform in category local exploits ================================================ Xcode OpenBase \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $ret = pack"l", $retval; $a,$b = spli...