Saturday, August 31, 2013

Mac OS X Sudo Password Bypass

An unaddressed five-month-old flaw in Apple's Mac OS X gives hackers near unlimited access to files by altering clock and user timestamp settings. As reported by Ars Technica, a bug discovered five months ago has received renewed interest due to the creation of a new module in testing software Metasploit, which can life easier for hackers looking to exploit the Mac vulnerability. The bug revolves around a Unix component called sudo. The program is designed to require a password before "super user" privileges are granted to an account -- giving access to other user files. <more>

No comments: