NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) recent items and (2) services menus, which causes the applications to run with root privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mac_os_x | Apple | 10.0 (including) | 10.0 (including) |
| Mac_os_x | Apple | 10.0.1 (including) | 10.0.1 (including) |
| Mac_os_x | Apple | 10.0.2 (including) | 10.0.2 (including) |
| Mac_os_x | Apple | 10.0.3 (including) | 10.0.3 (including) |
| Mac_os_x | Apple | 10.0.4 (including) | 10.0.4 (including) |
| Mac_os_x | Apple | 10.1 (including) | 10.1 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0121.html
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0130.html
- http://www.ciac.org/ciac/bulletins/m-007.shtml
- http://www.kb.cert.org/vuls/id/945747
- http://www.securityfocus.com/bid/3439
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7303
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0121.html
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0130.html
- http://www.ciac.org/ciac/bulletins/m-007.shtml
- http://www.kb.cert.org/vuls/id/945747
- http://www.securityfocus.com/bid/3439
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7303