Democratic Underground

Mac OS X vulnerability reported

This topic is archived.
Prisoner_Number_Six Donating Member (1000+ posts) Thu Dec-18-03 01:44 PM
Original message
Mac OS X vulnerability reported
Uh oh... looks like the Mac ain't perfect after all......
---

Buffer overflow in Mac OS X
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, December 17 2003 - Security Corporation has reported a vulnerability affecting Mac OS X 10.3.1 which could allow local users to escalate privileges.

This security problem stems from an error in the validation of parameters in the "cd9660.util" utility. This situation could be exploited to cause a buffer overflow, by entering a long value as a parameter.

If an attacker were to successfully exploit the vulnerability, they could execute arbitrary code with root privileges. The recommended solution is to eliminate the suid bit(*).

(*) Bit activated by adding 4000 to the octal representation of the file permissions. When it is activated, it indicates that all those who run the file will have, while it is run, privileges of the creator (e.g. root). When a file has a buffer overflow vulnerability this configuration can give maximum system privileges.

------------------------------------------------------------

The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1)Downloader.L; 2)Parite.B; 3)Bugbear.B; 4)Klez.I; 5)Blaster.
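The mitigation described in the advisory above (removing the suid bit), as an added example that is not part of the original post or the advisory. The thread does not give the location of cd9660.util, so the demo works on a constructed stand-in file in a temporary directory; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory): audit for set-uid files and clear the bit.
# The real location of cd9660.util is not given in the thread, so the demo uses a
# constructed stand-in file in a temporary directory.

# Print every regular file under directory $1 that has the set-uid bit (octal 4000).
list_suid() {
    find "$1" -type f -perm -4000 2>/dev/null
}

# Print the permission string of $1, e.g. -rwsr-xr-x ("s" in the owner triplet = set-uid).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Clear the set-uid bit on $1 and verify it is gone; the execute bits are left alone.
strip_suid() {
    [ -f "$1" ] || { echo "not a regular file: $1" >&2; return 2; }
    if [ -u "$1" ]; then
        chmod u-s "$1" || return 1
    fi
    [ ! -u "$1" ]
}

# Constructed demo: one set-uid stand-in (4755) next to one ordinary file (0755).
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/cd9660.util"
    : > "$d/other.util"
    chmod 4755 "$d/cd9660.util"
    chmod 0755 "$d/other.util"
    before=$(mode_of "$d/cd9660.util")
    found=$(list_suid "$d" | wc -l | tr -d ' ')
    strip_suid "$d/cd9660.util" || { rm -rf "$d"; return 1; }
    after=$(mode_of "$d/cd9660.util")
    left=$(list_suid "$d" | wc -l | tr -d ' ')
    rm -rf "$d"
    echo "$before $found $after $left"
}

demo
```

On a real system the same `list_suid` call over a system directory gives the inventory of set-uid binaries to review, and `strip_suid` needs to be run as root for root-owned files.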
kutastha Donating Member (400 posts) Thu Dec-18-03 01:57 PM
Response to Original message
1. The current software is 10.3.2
Any news on if this affects that version?

dwckabal Donating Member (854 posts) Thu Dec-18-03 02:32 PM
Response to Original message
2. OS X is far from perfect
but at least it doesn't facilitate remote system exploitation through a word processor's clip art function!

Kellanved Donating Member (1000+ posts) Thu Dec-18-03 02:34 PM
Response to Original message
3. more links
Original Bugtraq post:
http://www.securityfocus.com/archive/1/347578


But there are more issues:
The Finder doesn't check permissions if the arrow keys are used instead of the mouse. The UNIX permissions work fine; the problem is with the hidden/forbidden MacOS files.

Macs are very trustful concerning other Users/Computers in the same network; Apple actually gave a "it's not a bug, it's a feature" reply to that issue, stating that it is Apple's philosophy to consider LANs secure.
http://www.carrel.org/dhcp-vuln.html
...

frylock Donating Member (1000+ posts) Thu Dec-18-03 02:42 PM
Response to Reply #3
4. it's not a bug, it's a feature..
That is rich!!

dani Donating Member (640 posts) Thu Dec-18-03 04:43 PM
Response to Reply #3
6. some of that is bogus
the inaccuracies about OSX and DHCP are answered here:
http://www.bynkii.com/networking/archives/000099.html

WannaJumpMyScooter Donating Member (1000+ posts) Thu Dec-18-03 04:10 PM
Response to Original message
5. But, unlike Micr$loth, there is a fix...