Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Symantec local privilege escalation (Mac products) - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Symantec local privilege escalation (Mac products)

A local privilege escalation problem in a security product like anti-virus software typically sets of quite some alarms with security people as the software is installed for getting the machines more secure, not less.

Mac versions of Symantec's anti-virus software have a local privilege escalation problem. It allows members of the admin group to gain "root" powers.

Still members of an admin group can use sudo to get a local shell with root powers anyway, hence we're not likely to loose much sleep over this one. That is , until it gets automated in a second stage exploit.

See http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html

--
Swa Frantzen

Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!