Apple Mac OS X Directory Services slpd Symlink Privilege Escalation
Local Access Required
Loss of Integrity
Mac OS X contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to slpd creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Apple has released a patch to address this vulnerability.