Mac OS X Lion (10.7) Security Issue

August 19, 2011 • 1 min read

Mac OS X Lion (10.7) contains a security issue which can allow non-root users access to the password hashes as well as ability to change the password without authenticating the current password. Read more at “Defence in Depth” including full details, scenarios and temporary fixes.

About the Author

SecureMac is dedicated to cutting through the noise and helping people stay safe, informed, and confident with their Macs. Lover of all things mac-security.

Next Read

Security

Mac OS X Security Issue – Screensaver Security Issue/Hack

Security Issue: Mac OS X Screensaver Password Protection Bug

Systems Vulnerable: Mac OS X 10.2.6 and prior
Date Fixed: TBA

Apple’s Mac OS X screensaver apparently contains a buffer overflow vulnerability that causes the screensaver to dump not requiring the user to enter a legitimate username and password.

When enabling the password protection on the Mac OS X screensaver users are required to authenticate before leaving the screensaver to gain access to the desktop again. Delfim Machado notified Apple that he had learned of a bug that caused the screensaver to exit without properly …

July 7, 2003 • 1 min read

Security

Mac OS X Security Issue: Screen Lock Security Bypass Mac OS X 10.3 Panther

Affected Product: Mac OS X 10.3 Build 7B85
Severity: Low
Impact: Security Bypass
Where: Local System
Author: CodeSamurai (codesamurai@mac.com)

VULNERABILITY

With access to the keyboard, an unauthorized user can access the currently active screen-locked user environment. However, there is only a relatively small opening in the period of time in which the keys events get through; completing complicated operations at the keyboard have shown to be highly tedious in actual practice thus far.

EXPLOIT

With the screen effect active, keys pressed before the authentication window appears will be sent to the general user environment.

PRACTICAL TESTS

Tested Examples:

An open word …

October 4, 2003 • 2 min read

Security

Cisco VPN UNIX Mac OS X Client Security Issue

About Cisco VPN Client

The Cisco VPN (Virtual Private Network) Client establishes an encrypted tunnel between a local system and a Cisco VPN Concentrator. The tunnel provides confidentiality and integrity for the data in transit, allowing a user on the local system to securely connect to a corporate network via a public, possibly untrusted network.

Information

Cisco’s VPN Client for Mac OS X, Linux and Solaris contains a security vulnerability which results in administrative privileges via a exploit. The Virtual Private Network (VPN) client allows for the Non-Windows platform to function over a …

June 4, 2002 • 4 min read

Security

Mac OS X Security Issue – TruBlueEnvironment Privilege Escalation Attack

Computers running Mac OS X prior to 10.2.4 and unpatched contain a vulnerability that can be exploited to create files that can be run at elevated privileges because of the TruBlueEnvironment. Included is the security advisory covering the issue discovered by @Stake’s Dave.

For those unable to update they can change the permissions of the vulnerable files to the admin group.

sudo chown .admin /System/Library/CoreServices/Classic\ Startup.app/Contents/Resources/TruBlueEnvironment

sudo chmod 4750 /System/Library/CoreServices/Classic\ Startup.app/Contents/Resources/TruBlueEnvironment

Security Advisory

Advisory Name: TruBlueEnvironment Privilege Escalation Attack
Release Date: 02/14/2003
Application: TruBlueEnvironment
Platform: MacOS X (10.2.3 and below)
Severity: Local users can gain root privileges
Author: Dave G.
Vendor …

February 11, 2003 • 3 min read