Technology issues: June 2008 Archives

I’ve been looking for some AppleScripts or something that will try to take advantage of the ARD vulnerability I mentioned yesterday. Symantec has so far patched against two:

This is why I endorse having antivirus software installed before a threat. I have definitions set to download daily on my Macs but I can push them if I need. By now, all my Macs at work should be patched.

Slashdot yesterday posted Mac OS X Root Escalation Through AppleScript, which describes a vulnerability in a core component of Mac OS X 10.4 and 10.5. I was not able to reproduce this on my Tiger system at work but that’s just one machine.

The example given in the post is:

osascript -e 'tell app "ARDAgent" to do shell script "whoami"'

So what does this do? If you copy and paste the above code into the Terminal application found in /Applications/Utilities and then hit return, you’ll receive this in return:

root