Vulnerabilities > CVE-2017-7643 - Unspecified vulnerability in Proxifier
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Exploit-Db
description Proxifier for Mac 2.19 - Local Privilege Escalation. CVE-2017-7690. Local exploit for macOS platform. Tags: Local file exploits/macos/local/43225.sh id EDB-ID:43225 last seen 2017-12-06 modified 2017-12-06 platform macos port published 2017-12-06 reporter Exploit-DB source https://www.exploit-db.com/download/43225/ title Proxifier for Mac 2.19 - Local Privilege Escalation type local description Proxifier for Mac 2.17 / 2.18 - Privesc Escalation. CVE-2017-7643. Local exploit for macOS platform. Tags: Local file exploits/macos/local/41854.txt id EDB-ID:41854 last seen 2017-04-11 modified 2017-04-11 platform macos port published 2017-04-11 reporter Exploit-DB source https://www.exploit-db.com/download/41854/ title Proxifier for Mac 2.17 / 2.18 - Privesc Escalation type local
Packetstorm
data source https://packetstormsecurity.com/files/download/145239/proxifierformac219-escalate.txt id PACKETSTORM:145239 last seen 2017-12-07 published 2017-12-06 reporter Mark Wadham source https://packetstormsecurity.com/files/145239/Proxifier-For-Mac-2.19-Local-Privilege-Escalation.html title Proxifier For Mac 2.19 Local Privilege Escalation data source https://packetstormsecurity.com/files/download/142117/proxifier219-escalate.txt id PACKETSTORM:142117 last seen 2017-04-13 published 2017-04-12 reporter Mark Wadham source https://packetstormsecurity.com/files/142117/Proxifier-2.19-Privilege-Escalation-Code-Execution.html title Proxifier 2.19 Privilege Escalation / Code Execution data source https://packetstormsecurity.com/files/download/142093/proxifier218-escalate.txt id PACKETSTORM:142093 last seen 2017-04-11 published 2017-04-11 reporter Mark Wadham source https://packetstormsecurity.com/files/142093/Proxifier-2.18-Privilege-Escalation-Code-Execution.html title Proxifier 2.18 Privilege Escalation / Code Execution
References
- http://seclists.org/fulldisclosure/2017/Apr/54
- http://seclists.org/fulldisclosure/2017/Apr/54
- https://m4.rkw.io/blog/cve20177643-local-root-privesc-in-proxifier-for-mac--218.html
- https://m4.rkw.io/blog/cve20177643-local-root-privesc-in-proxifier-for-mac--218.html
- https://www.exploit-db.com/exploits/41854/
- https://www.exploit-db.com/exploits/41854/