6 matches found
CVE-2015-3673
creationtimestamp| type| source ---|---|--- 2015-08-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/38036 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/rootpipeentitlements.rb 2025-02-06 03:13:42+00:00| see...
Apple Mac OSX Entitlements - 'Rootpipe' Local Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Apple OS X Entitlements Rootpipe Privilege Escalation', 'Description' = %q This module exploits the rootpipe vulnerability and...
Apple OS X Entitlements Rootpipe Privilege Escalation Exploit
This Metasploit module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement. This module requires Metasploit: http://metasploit.com/download Current source:...
Apple OS X Entitlements Rootpipe Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Apple OS X Entitlements Rootpipe Privilege Escalation', 'Description' = %q This module exploits the rootpipe vulnerability and...
Immunity Canvas: OSX_ROOTPIPE2
Name| osxrootpipe2 ---|--- CVE| CVE-2015-3673 Exploit Pack| CANVAS Description| OS X XPC Admin Framework rootpipe 2 local privilege escalation Notes| CVE Name: CVE-2015-3673 VENDOR: Apple Notes: Rootpipe 2 for Mac OS X 10.10.3 Repeatability: Multiple Times References:...
CVE-2015-3673
CVE-2015-3673 affects Apple OS X prior to 10.10.4. The issue stems from the Admin Framework not properly restricting the location of writeconfig clients, enabling local users to obtain root privileges by moving and then modifying Directory Utility. Public references include exploits and PoCs (e.g...