PT-2008-3814 · Apple+1 · Disk Utility+2
Published
2008-08-04
·
Updated
2017-08-08
·
CVE-2008-2324
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Apple Mac OS X version 10.4.11
Description:
The issue concerns the Repair Permissions tool in Disk Utility, which incorrectly sets the setuid bit on the emacs executable file. This allows local users to execute commands within emacs and potentially gain privileges.
Recommendations:
For Apple Mac OS X version 10.4.11, remove the setuid bit from the emacs executable file to prevent local users from gaining privileges.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Disk Utility
Macos X
Emacs