Neutering the Apple Remote Desktop exploit

hackaday.com » 2008 » June » 19^th » Neutering the Apple Remote Desktop exploit

Tagged: osx, exploit, tuaw, slashdot, applescript, ard, appleremotedesktop, ardagent

Filed under: macs hacks, security hacks Yesterday, Slashdot reported a privilege escalation vulnerability in OSX. Using AppleScript you can tell the ARDAgent to execute arbitrary shell script. Since, ARDAgent is running as root, all child processes inherit root privleges. Intego points out that if the user has activated Apple Remote Desktop sharing the ARDAgent can't be exploited in this … Continue Reading »

Latest news from Hack a Day:

Electric bicycle
Passively cooled computer
Gas powered Vacuum sucks hard anywhere
Vocal mouse control
Android hacks roundup

Latest news from hackaday.com:

Drawdio kit lets you make music while you draw
Gizmodo’s guide to smartphone OSes
Palin hacking roundup
XKCD inspires YouTube feature
Buy an Eee Box and get a free virus

Neutering the Apple Remote Desktop exploit

hackaday.com » 2008 » June » 19th » Neutering the Apple Remote Desktop exploit

Latest news from Hack a Day:

Latest news from hackaday.com:

hackaday.com » 2008 » June » 19^th » Neutering the Apple Remote Desktop exploit