Secunia Advisory: SA10440
Release Date: 2003-12-16
Critical: Less critical
Impact: Privilege escalation
Where: Local system
OS: Apple Macintosh OS X
Description:
Max has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to escalate their privileges.
The vulnerability is caused due to a boundary error in the utility "cd9660.util" when handling input to the probe for mounting ("-p") parameter. This can be exploited to cause a buffer overflow by supplying an overly long, specially crafted string as argument.
Successful exploitation may allow execution of arbitrary code with "root" privileges.
The vulnerability has been confirmed in Mac OS X 10.3.1. Other versions may also be affected.
Solution: Remove the suid bit.
Provided and/or discovered by: Max
http://www.secunia.com/advisories/10440/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic