CVE-2007-0752
Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
El demonio PPP (pppd) en el Apple Mac OS X 10.4.8 comprueba la propiedad del descriptor del fichero stdin para determinar si el solicitante tiene suficientes privilegios, lo que permite a usuarios locales cargar extensiones de su elección y obtener privilegios de administrador evitando estas comprobaciones.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-02-05 CVE Reserved
- 2007-05-24 CVE Published
- 2007-05-25 First Exploit
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://docs.info.apple.com/article.html?artnum=305530 | X_refsource_confirm | |
| http://secunia.com/advisories/25402 | Third Party Advisory | |
| http://www.osvdb.org/35144 | Vdb Entry | |
| http://www.securityfocus.com/bid/24144 | Vdb Entry | |
| http://www.securitytracker.com/id?1018124 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/1939 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34503 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/3985 | 2007-05-25 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=537 | 2017-07-29 | |
| http://lists.apple.com/archives/security-announce/2007/May/msg00004.html | 2017-07-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | 10.4.8 Search vendor "Apple" for product "Mac Os X" and version "10.4.8" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Server Search vendor "Apple" for product "Mac Os X Server" | 10.4.8 Search vendor "Apple" for product "Mac Os X Server" and version "10.4.8" | - |
Affected
| ||||||