CVE-2015-5889

Apple OS X <10.11 - Privilege Escalation

Title source: llm

Description

rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving environment variables.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalosx
https://www.exploit-db.com/exploits/38540
exploitdb WORKING POC VERIFIED
by rebel · pythonlocalosx
https://www.exploit-db.com/exploits/38371
metasploit WORKING POC NORMAL
by rebel, shandelman116 · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/rsh_libmalloc.rb

References (10)

Scores

EPSS 0.1156
EPSS Percentile 93.7%

Details

CWE
CWE-264
Status published
Products (1)
apple/mac_os_x < 10.10.5
Published Oct 09, 2015
Tracked Since Feb 18, 2026