Vulnerabilities > CVE-2007-0022 - Local Privilege Escalation vulnerability in Apple mac OS X 10.4.8
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_SECUPD2007-004.NASL |
description | The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2007-004 applied. This update fixes security flaws in the following applications : AFP Client AirPort CarbonCore diskdev_cmds fetchmail ftpd gnutar Help Viewer HID Family Installer Kerberos Libinfo Login Window network_cmds SMB System Configuration URLMount Video Conference WebDAV |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25081 |
published | 2007-04-21 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25081 |
title | Mac OS X Multiple Vulnerabilities (Security Update 2007-004) |
code |
|
Packetstorm
data source | https://packetstormsecurity.com/files/download/53873/MOAB-21-01-2007.rb.txt |
id | PACKETSTORM:53873 |
last seen | 2016-12-05 |
published | 2007-01-24 |
reporter | Kevin Finisterre |
source | https://packetstormsecurity.com/files/53873/MOAB-21-01-2007.rb.txt.html |
title | MOAB-21-01-2007.rb.txt |
References
- http://docs.info.apple.com/article.html?artnum=305391
- http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
- http://projects.info-pull.com/moab/MOAB-21-01-2007.html
- http://secunia.com/advisories/23793
- http://secunia.com/advisories/24966
- http://www.osvdb.org/31605
- http://www.securityfocus.com/bid/22148
- http://www.securitytracker.com/id?1017941
- http://www.us-cert.gov/cas/techalerts/TA07-109A.html
- http://www.vupen.com/english/advisories/2007/0074
- http://www.vupen.com/english/advisories/2007/1470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31677