Apple Mac OS X Default Pseudo-Terminal Permission Vulnerability

Apple Mac OS X Default Pseudo-Terminal Permission Vulnerability

Apple Mac OS X is susceptible to a default permissions vulnerability in its pseudo terminal system. This vulnerability is due to a design error when allocating new pseudo terminals.

This vulnerability allows local users to sniff potentially sensitive data from other users. It also allows them to send arbitrary data to other users' terminals, potentially allowing them to exploit latent vulnerabilities in software utilizing the pseudo terminal.

Apple Mac OS X versions prior to 10.4 are reportedly susceptible to this vulnerability.