[Full-disclosure] Mac OS X - malloc() local privilege escalation vulnerability.
Sun Sep 25 13:34:26 BST 2005
Suresec Security Advisory - #00007
25/09/2005
Mac OS X - malloc() insecure use of environment variable.
Advisory: http://www.suresec.org/advisories/adv7.pdf
Description:
The malloc() function on Mac OS X insecurely trusts a debug variable,
regardless of the fact that the calling application may be suid root.
This can result in an arbitrary file being overwritten, which can be
used to escalate privileges.
This vulnerability was discovered by Ilja van Sprundel.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050925/4fd5a9b8/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.