|
|
CVE Reference: CVE-2006-4392 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4392 |
|
|
Description: The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29281 ST 1016954 SREASON http://securityreason.com/securityalert/1663 SAID Secunia Advisory: SA22187 OSVDB 29269 MISC http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/ CERT-VN 838404 CERT http://www.us-cert.gov/cas/techalerts/TA06-275A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447396/100/0/threaded BID 20271 APPLE http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html |
|
| Return to the previous page. |
