Multiple local privilege escalation vulnerabilities in Proxifier for Mac
------------------------------
Yorick Koster, April 2017
------------------------------
Abstract
------------------------------
Multiple local privileges escalation vulnerabilities were found in the
KLoader binary that ships with Proxifier. KLoader is responsible for
loading a Kernel Extension (kext). KLoader is installed setuid root, it
accepts one or two command line arguments that are used in a number of
system commands. These arguments are used in an insecure manner allowing
a local attacker to elevate its privileges. In addition, the environment
is not properly sanitized, which also introduces an possibility to run
arbitrary commands with elevated privileges.
------------------------------
Tested versions
------------------------------
These issues were successfully verified on Proxifier for Mac v2.18.
------------------------------
Fix
------------------------------
Proxifier v2.19 was released that addresses these issues.
------------------------------
Details
------------------------------
https://www.securify.nl/adviso
Komentarų nėra:
Rašyti komentarą