Lab Notes

Musings on Wi-Fi security issues, our product plans, and the general state of the world. Follow up with your comments and complaints to Lab Notes's .

Major Privilege Escalation Bug in Mac OS X 10.4 and 10.5

In case you haven't seen it, any user with an account (admin or not) on Tiger or Leopard can run any command as root. Contrary to some published reports, physical access to the machine is not required; commands can be executed over an SSH or ARD/VNC connection as well.
By Periodik Labs on June 19, 2008 11:04 AM |

Search

Recent Entries

Creating a Rogue CA Certificate
Major Privilege Escalation Bug in Mac OS X 10.4 and 10.5
Overheard at the WWDC Keynote
iPhone 2.0 to Include 802.1X
Time Capsule
New Xserves
Mac OS X 10.5.1
Elektron and Leopard
Elektron 2.0.1755
AirPort Base Station Update 2007-002

Monthly Archives

December 2008 (1)
June 2008 (2)
March 2008 (1)
January 2008 (2)
November 2007 (1)
October 2007 (1)
September 2007 (1)
August 2007 (1)
July 2007 (8)
June 2007 (16)
November 2005 (8)
October 2005 (13)
September 2005 (22)
August 2005 (23)
July 2005 (21)
June 2005 (26)
May 2005 (23)
April 2005 (23)
March 2005 (25)
February 2005 (23)
January 2005 (29)
December 2004 (32)
November 2004 (32)





Subscribe to Lab Notes