Rootpipe

Rootpipe is a security vulnerability found in some versions of OS X that allows privilege escalation whereby a user with administrative rights, or a program executed by an administrative user, can obtain superuser (root) access. This is considered problematic as the first user account created under OS X is furnished with administrator rights by default.^[1] By leveraging other security vulnerabilities on a system, such as an unpatched web browser, rootpipe could be used by an attacker to help gain complete control of the operating system.^[1]

Emil Kvarnhammar of TrueSec, a security firm credited with the discovery, says that he found the vulnerability after several days of binary analysis. He recommends creating an account without administrative privileges to be used for normal everyday work, and using FileVault.^[1]

An older exploit for the same issue was later published on exploit-db^[2] suggesting the issue dates back to June 2010.

The vulnerability was reported to Apple Inc. in October 2014,^[3] and has been reported as present in OS X versions 10.7.5, 10.8.2, 10.9.5 and 10.10.2.^[4] OS X 10.10.3 was officially designated as patched by Apple, but Kvarnhammar (crediting Patrick Wardle) has blogged that the vulnerability is still present in that version.^[5]^[6] On 1 July 2015, Kvarnhammer noted that additional restrictions had been introduced in OS X 10.10.4, adding in a comment two days later that he believed the then-current versions of OS X 10.9 (with Security Update 2015-005) and 10.10 to be safe from the exploit.^[7]

References

1 2 3 Nadine Juliana Dressler. "Achtung vor Rootpipe: Super-User-Rechte ohne Passwort am Mac".
↑ "Apple Mac OSX < 10.9/10 - Privilege Escalation". exploit-db. 13 April 2015.
↑ "Swedish hacker finds 'serious' vulnerability in OS X Yosemite". Macworld. 31 October 2014.
↑ Fabian Scherschel ([email protected]) (2015-04-18). "Root-Lücke in OS X". c't. Heise. 2015 (10): 49. |access-date= requires |url= (help)
↑ "OS X 10.10.3 still vulnerable".
↑ Krystle Vermes (21 April 2015). "Rootpipe continues: Former NSA staffer finds Mac vulnerability - Digital Trends". Digital Trends.
↑ "Exploiting rootpipe again".

Hacking in the 2010s

Major incidents	Operation Aurora (2010) Australian cyberattacks (2010) Operation Payback (2010) HBGary Federal (2011) DigiNotar (2011) RSA SecurID compromise (2011) Operation Tunisia (2011) 2011 PlayStation Network outage (2011) Operation AntiSec (2011) Stratfor email leak (2012–13) LinkedIn hack (2012) South Korea cyberattack (2013) Snapchat hack (2013) Yahoo! data breaches (2013–14) Operation Tovar (2014) iCloud leaks of celebrity photos (2014) Sony Pictures hack (2014) Office of Personnel Management data breach (2015) Hacking Team (2015) Ashley Madison data breach (2015) VTech data breach (2015) Bangladesh Bank heist (2016) Commission on Elections data breach (2016) Democratic National Committee cyber attacks (2016) DCCC cyber attacks (2016) Dyn cyberattack (2016)

Groups	Anonymous associated events Bureau 121 Cozy Bear CyberBerkut Derp Equation Group Fancy Bear GNAA Goatse Security Hacking Team Iranian Cyber Army Lizard Squad LulzRaft LulzSec New World Hackers NullCrew NSO Group PayPal 14 PLA Unit 61398 Pranknet RedHack The Shadow Brokers Syrian Electronic Army TeaMp0isoN Tailored Access Operations UGNazi Yemen Cyber Army

Individuals	George Hotz Guccifer Guccifer 2.0 Hector Monsegur Jeremy Hammond Junaid Hussain Kristoffer von Hassel Mustafa Al-Bassam MLT Ryan Ackroyd Topiary The Jester weev

Vulnerabilities discovered	Heartbleed (2014) Shellshock (2014) POODLE (2014) Rootpipe (2014) JASBUG (2015) Stagefright (2015) DROWN (2016) Badlock (2016) Dirty COW (2016)

Malware	Careto / The Mask CryptoLocker Dexter Duqu Duqu 2.0 FinFisher Flame Gameover ZeuS Mahdi Metulji botnet NSA ANT catalog Pegasus R2D2 Shamoon Stars virus Stuxnet XAgent

This article is issued from Wikipedia - version of the 11/25/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.