ARDAgent exploit - Description and possible work around - MacShadows KB

Via MacShadows KB:

The ARDAgent exploit is a root privilege escalation exploit using AppleScript, taking advantage of lax permissions set upon the ARDAgent application in Mac OS X 10.4 and 10.5. The ARDAgent vulnerability is currently not patched.

Initial posting by callmenames
The discovery of this exploit is credited to TheSharedForums member callmenames. Subsequent to its initial posting and confirmation in the thread, several members, including callmenames, Oktane, andrewistheshit, and Wawl, began a collaborative effort to create proof of concept software exploiting this vulnerability, one of which was the Trojan Horse Template in AppleScript, or AS.tht as dubbed by security profiteers.

[...]

Solutions

There exist a few temporary solutions for the mainstream Mac OS X owner until a patch is released by Apple in a future Software Update:

1. Compress the application.
2. Activate (enable) the Apple Remote Desktop agent. However, this may open the user up to the problem of an insecure network.
3. Remove the application.
4. Repair permissions. This can be accomplished using the Accounts root privileges or those of the ARDAgent.app itself.

The instructions below demonstrate how to change the permissions of the application ARDAgent.app using the Accounts privileges. This is an easy fix and should be distributed immediately, as the trojans specified above have been released into the public.

Editor: I have not tested this myself.

(Read Original Article - Via MacShadows KB.)