
clevin

macrumors G3
Original poster
Aug 6, 2006
9,095
1
http://www.informationweek.com/news...ml?articleID=216401181&subSection=All+Stories

Proof-of-concept exploit code has been posted online for six kernel vulnerabilities, five of which affect Mac OS X 10.5.6, the most current version of Apple's operating system software.
...
"The vulnerabilities are proofs of concept that demonstrate the code can take control of a machine, either via creating a privilege escalation modifying the users or launching DoS local attacks against the PC," he said in an e-mail. "The proof of concept code has the ability to create a new system volume, call to some OS functions, change the user ID, and so on, without administrative privileges."
 
Probably not, the concept codes won't be used immediately, and the vulnerabilities take more than a couple of months to patch. One kernel vulnerability mentioned in the article is about 4 years old.
 
This bit is priceless :
The first, he said, "exploits a remote heap overflow in Apple's implementation of their own AppleTalk networking stack. The overflow is insufficient to allow for simple remote code execution since the length of data permitted is not sufficient to overwrite any 'useful' data structure. However, this bug is interesting since it would actually be trivially exploitable for remote kernel mode code execution if Apple's AppleTalk implementation was actually *correct* and did not contain a rather simple development bug."

So their security inadequacy is fixed by their programming ineptitude :p
 
This bit is priceless :

So their security inadequacy is fixed by their programming ineptitude :p
Funny indeed. When inadequacy and ineptitude occur together, this is one of the outcomes. Wonder how many other places there are where these two happen separately.
 