[FD] Xamarin Studio for Mac API documentation update affected by local privilege escalation

Mon, 14 Aug 2017 11:37:19 -0700 

------------------------------------------------------------------------
Xamarin Studio for Mac API documentation update affected by local
privilege escalation
------------------------------------------------------------------------
Yorick Koster, April 2017

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
Xamarin Studio is an Integrated Development Environment (IDE) used to
create iOS, Mac and Android applications. Xamarin Studio supports
developments in C# and F# (by default). The API documentation update
mechanism of Xamarin Studio for Mac is installed as setuid root. This
update mechanism contains several flaws that could be leveraged by a
local attacker to gain elevated (root) privileges.

------------------------------------------------------------------------
See also
------------------------------------------------------------------------
- CVE-2017-8665
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8665 

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully verified on Xamarin Studio for Mac version
6.2.1 (build 3) and version 6.3 (build 863).

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Microsoft released a new version of Xamarin.iOS that addresses this
issue:
https://support.microsoft.com/en-us/help/4037359

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20170403/xamarin-studio-for-mac-api-documentation-update-affected-by-local-privilege-escalation.html

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Reply via email to