Описание
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled.
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5829
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38229
- http://osvdb.org/40864
- http://secunia.com/advisories/27488
- http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html
- http://securitytracker.com/id?1018889
- http://securitytracker.com/id?1018890
- http://www.securityfocus.com/bid/26253
- http://www.vupen.com/english/advisories/2007/3698
EPSS
CVE ID
Связанные уязвимости
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled.
EPSS