CVE-2006-4392
CVE-2006-4392
The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/2464unverifiedexploitdbwww.exploit-db.com/exploits/2463unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.htmlhttp://secunia.com/advisories/22187http://securityreason.com/securityalert/1663http://securitytracker.com/id?1016954https://exchange.xforce.ibmcloud.com/vulnerabilities/29281http://www.kb.cert.org/vuls/id/838404http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/http://www.osvdb.org/29269http://www.securityfocus.com/archive/1/447396/100/0/threadedhttp://www.securityfocus.com/bid/20271http://www.us-cert.gov/cas/techalerts/TA06-275A.htmlhttp://www.vupen.com/english/advisories/2006/3852