Le 20 juin 08 à 06:09, Ken Thomases a écrit :
On Jun 19, 2008, at 10:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
Tha
On Jun 19, 2008, at 9:10 PM, Jerry LeVan wrote:
I removed my user name from the "allow access from only these users"
and the
hack quit working...
I added myself back in and turned on all of the options and the hack
still
does not work...
Apparently, the attack only works if Remote Manag
On 20 Jun 2008, at 05:10, Jerry LeVan wrote:
On Jun 19, 2008, at 11:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
Tha
On Jun 19, 2008, at 11:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
That turns off the setuid bit. I'm sure that'll bre
On Jun 19, 2008, at 10:39 PM, Jens Alfke wrote:
It might not be a bad idea to proactively disarm this vulnerability
on your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
That's
sudo chmod -s /System/Library/CoreServices/
It might not be a bad idea to proactively disarm this vulnerability on
your own machine(s), as I just did:
sudo chmod -s System/Library/CoreServices/RemoteManagement/
ARDAgent.app/ARDAgent
That turns off the setuid bit. I'm sure that'll break Remote Desktop
functionality, but that's still
On 19 Jun 08, at 07:22, Jerry LeVan wrote:
Last night while browsing Slashdot I found this:
http://it.slashdot.org/it/08/06/18/1919224.shtml
It gives a simple command that can be used to
basically execute code as root.
osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
The above w
cript support (including "do shell script"), so any Cocoa app
that runs with suid is a security risk unless you short circuit the
Foundation scripting support.
Cheers,
Chuck
--- On Thu, 6/19/08, Jerry LeVan <[EMAIL PROTECTED]> wrote:
From: Jerry LeVan <[EMAIL PROTECTED]>
Su
scripting support.
Cheers,
Chuck
--- On Thu, 6/19/08, Jerry LeVan <[EMAIL PROTECTED]> wrote:
> From: Jerry LeVan <[EMAIL PROTECTED]>
> Subject: Cocoa can be used to execute arbitrary (privileged) code !
> To: "cocoa-Dev Dev"
> Date: Thursday, June 19, 2008, 7:22 AM
hi-
There are better ways to do this, but I'm not commenting. :-)
thanks!-
-lance
On Jun 19, 2008, at 10:22 AM, Jerry LeVan wrote:
Last night while browsing Slashdot I found this:
http://it.slashdot.org/it/08/06/18/1919224.shtml
It gives a simple command that can be used to
basically execut
Last night while browsing Slashdot I found this:
http://it.slashdot.org/it/08/06/18/1919224.shtml
It gives a simple command that can be used to
basically execute code as root.
osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
The above will print "root" and replacing "whoami" will
11 matches
Mail list logo
