Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple MacOS Classic TruBlueEnvironment环境变量权限提升漏洞
Vulnerability Description
TruBlueEnvironment是一款MacOS Classic Emulator包含的工具,默认以setuid root属性安装。 TruBlueEnvironment的设置环境变量存在问题,本地攻击者可以利用这个漏洞通过cron工具等进行权限提升攻击,或覆盖系统重要文件进行拒绝服务攻击。 TruBluEnvironment使用一个环境变量来定义把调试信息输出写到某个位置的文件中,本地用户可以设置此环境变量指向文件系统中的任何文件。如果文件存在,它将被置为零字节,如果文件不存在,就会以调用进程的um
CVSS Information
N/A
Vulnerability Type
N/A