Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Root-Level Exploit for OSX LaunchD Service InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Root-Level Exploit for OSX LaunchD Service

Published: 2006-06-30
Last Updated: 2006-06-30 20:21:20 UTC
by David Goldsmith (Version: 1)
0 comment(s)
The diary entry from June 28th covered the release of the new version of OS X 10.4.7 which addressed various security issues.  There is now a publicly available exploit taking advantage of the format string vulnerability with the LaunchD daemon in versions of OS X up to and including 10.4.6 which can result in an attacker gaining root access on the system.

You can get more information about the vulnerability and exploit from Security Focus.

If you haven't already installed the update, time to get moving.

Thanks to Juha-Matti for the information.

0 comment(s)
Diary Archives