Arbitrary Kernel Loading Vulnerability in KisMAC before 0.05d

CVE-2003-0703 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh.

Learn more about our User Device Pen Test.