Yesterday, Mac software developer Intego published a security memo on an exposure that exists with the ARDAgent application on OS X 10.4 and 10.5. ARDAgent runs when you use Screen Sharing in 10.5, and if you've enabled Remote Management in the System Preferences panel, but this exploit actually works when ARDAgent isn't running. As far as I know, this exploit was first published on the Apple page at Slashdot, though it probably appeared elsewhere earlier.

You can read the details of the exploit in the Slashdot entry, but basically, it relies on the fact that ARDAgent runs as root and can send AppleScript commands, such as do shell script, to the system it's running on. Given ARDAgent is running as root, any shell script launched by ARDAgent also runs as root, so such scripts run without promptin...

SIMILAR POSTS:

• Neutering the Apple Remote Desktop exploit
• 10.5: Run a Time Machine backup then shut down
• An AppleScript trick turns any NAS device into a Time Machine drive
• 10.5: Avoid syslogd CPU usage when using AppleScript
• View Doppler radar-in-motion on the desktop