lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Wed Mar  1 22:20:54 2006
From: pauls at utdallas.edu (Paul Schmehl)
Subject: Re: Question about Mac OS X 10.4 Security

--On Thursday, March 02, 2006 08:57:18 +1100 mz4ph0d@...il.com wrote:
>
> Sorry to spoil everyone's fun.
> <http://docs.info.apple.com/article.html?artnum=303382>
>
> Maybe, just maybe, Apple are actually better (able/positioned) to
> respond quickly to vulnerabilities before the exploits in-the-wild
> affect more than 50 people? Who knows.
>
It doesn't look like it.  They seem to have addressed the vulnerability as 
it applies to Safari, but not the underlying vulnerability.  If I send you 
an email, with a zip attachment (naming and extension is irrelevant), and I 
can get you to attempt to open the attachment (fairly trivial with many 
users), I can execute abitrary code on your machine.  The only 
"restriction" is that, if I attempt to execute code that requires admin 
privileges, I'd have to convince you to type in your password (again, 
fairly trivial for most users.)

So, Apple hasn't fully addressed this problem yet.  (Trust me, I've tested 
it.)  If you are responsible for Macs and you haven't read this yet, you 
need to:

<http://isc.sans.org/diary.php?storyid=1138&rss>  (Don't click the PoC link 
if you're using a Mac!)

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux