Vulnerability: TruBlueEnvironment

Part of the MacOS Classic Emulator, TruBlueEnvironment is setuid root and installed by default. By setting certain environment variables, it is possible to overwrite any file on the system, or create arbitrary files owned as root with the attacker's umask. This vulnerability can be leveraged to create files that will get executed by root through the cron facility.

It is recommended to upgrade to Mac OS X 10.2.4.

For details, click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AtStake

Show Comments