OS X Privilege Escalation

Apple Mac OS X 10.5 and 10.4 ARDagent (Apple Remote Desktop) contains a vulnerability that allows local users to gain root privileges through an AppleScript command. This issue was first presented last month, but now there are indications that this vulnerability is being actively exploited to install malicious software on target systems. Because this vulnerability is so easy to exploit, and allows root access, there is a potential for a lot of bad things to land on the system, such as rootkits.

At this time there has been no patch provided by Apple. Users are cautioned to only run trusted AppleScripts, and only install trusted applications.

Leave a Reply