About: Rootpipe

An Entity of Type: software, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

Rootpipe is a security vulnerability found in some versions of OS X that allows privilege escalation whereby a user with administrative rights, or a program executed by an administrative user, can obtain superuser (root) access. This is considered problematic as the first user account created under OS X is furnished with administrator rights by default. By leveraging other security vulnerabilities on a system, such as an unpatched web browser, rootpipe could be used by an attacker to help gain complete control of the operating system.

Property	Value
dbo:abstract	Rootpipe is a security vulnerability found in some versions of OS X that allows privilege escalation whereby a user with administrative rights, or a program executed by an administrative user, can obtain superuser (root) access. This is considered problematic as the first user account created under OS X is furnished with administrator rights by default. By leveraging other security vulnerabilities on a system, such as an unpatched web browser, rootpipe could be used by an attacker to help gain complete control of the operating system. Emil Kvarnhammar of TrueSec, a security firm credited with the discovery, says that he found the vulnerability after several days of binary analysis. He recommends creating an account without administrative privileges to be used for normal everyday work and using FileVault. An older exploit for the same issue was later published on exploit-db, suggesting the issue dates back to June 2010. It appears the exploit was used by the author during a presentation on Trusteer Rapport at 2011. The vulnerability was reported to Apple Inc. in October 2014, and has been reported as present in OS X versions 10.7.5, 10.8.2, 10.9.5 and 10.10.2. OS X 10.10.3 was officially designated as patched by Apple, but Kvarnhammar (crediting Patrick Wardle) has blogged that the vulnerability is still present in that version. On 1 July 2015, Kvarnhammer noted that additional restrictions had been introduced in OS X 10.10.4, adding in a comment two days later that he believed the then-current versions of OS X 10.9 (with Security Update 2015-005) and 10.10 to be safe from the exploit. In November 2017, a similar vulnerability was revealed which allowed logging in as root with no password. (en)
dbo:wikiPageID	46483000 (xsd:integer)
dbo:wikiPageLength	3601 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID	1112136166 (xsd:integer)
dbo:wikiPageWikiLink	dbr:Apple_Inc. dbr:Trusteer dbc:Privilege_escalation_exploits dbr:Privilege_escalation dbr:Superuser dbr:FileVault dbr:OS_X dbr:44con
dbp:wikiPageUsesTemplate	dbt:Reflist dbt:Short_description dbt:Hacking_in_the_2010s
dcterms:subject	dbc:Privilege_escalation_exploits
gold:hypernym	dbr:Vulnerability
rdf:type	dbo:Software
rdfs:comment	Rootpipe is a security vulnerability found in some versions of OS X that allows privilege escalation whereby a user with administrative rights, or a program executed by an administrative user, can obtain superuser (root) access. This is considered problematic as the first user account created under OS X is furnished with administrator rights by default. By leveraging other security vulnerabilities on a system, such as an unpatched web browser, rootpipe could be used by an attacker to help gain complete control of the operating system. (en)
rdfs:label	Rootpipe (en)
owl:sameAs	freebase:Rootpipe yago-res:Rootpipe wikidata:Rootpipe https://global.dbpedia.org/id/2AeWC
prov:wasDerivedFrom	wikipedia-en:Rootpipe?oldid=1112136166&ns=0
foaf:isPrimaryTopicOf	wikipedia-en:Rootpipe
is dbo:wikiPageRedirects of	dbr:RootPipe
is dbo:wikiPageWikiLink of	dbr:RootPipe
is foaf:primaryTopic of	wikipedia-en:Rootpipe