Vulnerabilities > CVE-2001-1447 - Privilege Escalation vulnerability in MacOS X NetInfo Manager

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

apple

NVD

Published: 2001-10-17

Updated: 2017-07-11

Summary

NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.

Vulnerable Configurations

Part	Description	Count
OS	Apple Apple MAC OS X 10.0 Apple MAC OS X 10.0.1 Apple MAC OS X 10.0.2 Apple MAC OS X 10.0.3 Apple MAC OS X 10.0.4 Apple MAC OS X 10.1	6

References

http://archives.neohapsis.com/archives/bugtraq/2001-10/0121.html
http://archives.neohapsis.com/archives/bugtraq/2001-10/0130.html
http://www.ciac.org/ciac/bulletins/m-007.shtml
http://www.kb.cert.org/vuls/id/945747
http://www.securityfocus.com/bid/3439
https://exchange.xforce.ibmcloud.com/vulnerabilities/7303