2013
03.05

Setuid Tunnelblick Privilege Escalation

Category: Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS / Tag:  / Add Comment

This Metasploit module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The vulnerability exists in the setuid openvpnstart, where an insufficient validation of path names allows execution of arbitrary shell scripts as root. This Metasploit module has been tested successfully on Tunnelblick 3.2.8 build 2891.3099 over Mac OS X 10.7.5.

More:
Setuid Tunnelblick Privilege Escalation

No Comment.

Add Your Comment

Your Comment

You must be logged in to post a comment.