Mac OS X < 10.4 pty Permission Weakness

medium Nessus Plugin ID 18352

Synopsis

The remote version of the operating system contains a vulnerability which has been patched by the vendor in a newer release of the system

Description

The remote host is running a version of Mac OS X which is older than version 10.4.

Versions older than 10.4 contain a security issue in the way they handle the permissions of pseudo terminals.

When an application uses a new pseudo terminal, it can not restrict its permissions to a safe mode. As a result, every created pseudo terminal has permissions 0666 set, which allows a local attacker to sniff the session of other users.

Solution

Upgrade to Mac OS X 10.4 or newer.

See Also

http://www.securityfocus.com/archive/1/397306

Plugin Details

Severity: Medium

ID: 18352

File Name: macosx_10_4.nasl

Version: 1.14

Type: local

Agent: macosx

Published: 5/20/2005

Updated: 7/14/2018

Supported Sensors: Nessus Agent

Risk Information

VPR

Risk Factor: Medium

Score: 5

CVSS v2

Risk Factor: Medium

Base Score: 6.6

Temporal Score: 4.9

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:N

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/MacOSX/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 5/1/2005

Vulnerability Publication Date: 5/1/2005

Reference Information

CVE: CVE-2005-1430

BID: 13467