Do you think, because you’re using an Apple Mac, your data is safe from hackers ? Well, it is not true, there are dozens of security weaknesses and today Researchers have made it easier to exploit Apple Mac OS X, that allows penetration testers and hackers to gain root access.
The flaw remained unmatched by Apple for the last five months, dubbed CVE-2013-1775, the flaw allowed attackers to bypass normal password authentication procedures by resetting the computer clock to January 1, 1970.
The reason that specific date is required is because it represents the beginning of time to the operating system and some applications that run on it. When the SUDO command is used in combination with a clock reset, the computer can be tracked into providing root access without a password.
Metasploit authors have come up with a brand new module that makes the bug even easier to exploit, renewing interest in the problem. The module gains a session with root permissions as long as the user ran the SUDO command before and as long as they have administrative privileges.
H.D. Moore, founder of Metasploit, warned that this was a serious vulnerability: “The bug is significant because it allows any user-level compromise to become root, which in turn exposes things like clear-text passwords from Keychain and makes it possible for the intruder to install a permanent rootkit.”
In addition, the hacker needs to have either physical or remote access to the machine. Apple has yet to respond or issue a patch for the bug. As a result, all versions of the operating system from OS X 10.7 to the current 10.8.4 are affected.
Most of the recent exploits of Mac OS X have been related to Java, which Apple completely blocked earlier this year over security vulnerabilities.
The flaw remained unmatched by Apple for the last five months, dubbed CVE-2013-1775, the flaw allowed attackers to bypass normal password authentication procedures by resetting the computer clock to January 1, 1970.
The reason that specific date is required is because it represents the beginning of time to the operating system and some applications that run on it. When the SUDO command is used in combination with a clock reset, the computer can be tracked into providing root access without a password.
Metasploit authors have come up with a brand new module that makes the bug even easier to exploit, renewing interest in the problem. The module gains a session with root permissions as long as the user ran the SUDO command before and as long as they have administrative privileges.
H.D. Moore, founder of Metasploit, warned that this was a serious vulnerability: “The bug is significant because it allows any user-level compromise to become root, which in turn exposes things like clear-text passwords from Keychain and makes it possible for the intruder to install a permanent rootkit.”
In addition, the hacker needs to have either physical or remote access to the machine. Apple has yet to respond or issue a patch for the bug. As a result, all versions of the operating system from OS X 10.7 to the current 10.8.4 are affected.
No comments:
Post a Comment