vendor:
by:
Kevin Finisterre, Lance M. Havok
N/A
CVSS
N/A
The given Ruby script is an exploit that escalates privileges on a macOS system by exploiting a vulnerability in CrashReporter. The exploit involves creating a symlink to a known program crash log file, creating a program with a modified __LINKEDIT segment, running the fake program to crash and create a file at /var/cron/tabs/root, and then […]
CWE
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: macOS
2007
The given Ruby script is an exploit that escalates privileges on a macOS system by exploiting a vulnerability in CrashReporter. The exploit involves creating a symlink to a known program crash log file, creating a program with a modified __LINKEDIT segment, running the fake program to crash and create a file at /var/cron/tabs/root, and then creating a legitimate crontab to refresh cron. By doing this, the exploit gains root access to the system.
Mitigation:
To mitigate this vulnerability, users should ensure that their systems are up to date with the latest security patches. Additionally, users should regularly monitor their system logs for any suspicious activity.