A vulnerability has been discovered in Mac OS X, which can be exploited by malicious, local users to gain escalated privileges.
The problem is that "ARDAgent", which is owned by "root" and has the setuid bit set, can be invoked to execute shell commands via AppleScript (e.g. through"osascript"). This can be exploited to execute arbitrary commands with root privileges.
The vulnerability is confirmed on Mac OS X 10.4 and is also reported in version 10.5.