Vulnerabilities > CVE-2003-0171 - Unspecified vulnerability in Apple mac OS X and mac OS X Server
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.
Vulnerable Configurations
Exploit-Db
| description | Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit. CVE-2003-0171. Local exploit for osx platform |
| id | EDB-ID:15 |
| last seen | 2016-01-31 |
| modified | 2003-04-18 |
| published | 2003-04-18 |
| reporter | Neeko Oni |
| source | https://www.exploit-db.com/download/15/ |
| title | Mac OS X <= 10.2.4 DirectoryService PATH Local Root Exploit |