Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Mac OS X不安全文件权限漏洞
Vulnerability Description
Mac OS X是一款使用在Mac机器上的操作系统,基于BSD系统。 Apple Mac OS X以不安全默认权限安装和建立文件,本地攻击者可以利用这个漏洞修改敏感文件或替代二进制程序导致权限提升。 1)DMG文件权限 Mac OS X在当拉DMG文件到磁盘映象时会重设目录权限为全局可读/写/执行。当拖文件夹到挂接的DMG中也会出现相同情况。这个重设只出现在目录上,而不会重设文件权限。由于这些目录中包含应用程序,攻击者可以使用木马程序覆盖任何应用程序。当其他高权限用户执行时会导致权限提升。 2)不正确特定
CVSS Information
N/A
Vulnerability Type
N/A