ITWire

Home Business IT Security NMAP developer announces Mac OS X vulnerability

NMAP developer announces Mac OS X vulnerability

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


"As the name suggests, the Public shares are available to anyone without authentication. Given the default permissions on home directories (world read+execute) and the default umask (world read), this has a serious impact - as unauthenticated users can read all files in a user's home directory. The attack also works for authenticated users against shares requiring authentication.

"Technically the attack is not very challenging and relies on a classic directory traversal attack. It is strikingly similar to the famous Windows SMB filesharing vulnerability from 1995."

The vulnerability was first disclosed to Apple on February 10th and after numerous delays, Apple finally agreed to full disclosure occurring overnight (March 29th US time).

In addition to outlining the vulnerability, the author also provides a simple test to detect whether a target system is vulnerable.

Quoting the discoverer:

Here is the syntax for running the scripts against a system or network to detect vulnerable hosts [using a script available from the NMAP website]:

nmap -p 548 --script afp-path-vuln
If the server is vulnerable it will show the following output:

PORT    STATE SERVICE
548/tcp open  afp
| afp-path-vuln:
|   Patrik's Public Folder/../ (5 first items)
|     .bash_history
|     .bash_profile
|     .CFUserTextEncoding
|     .config/
|     .crash_report_checksum
|
|_AFP path traversal (CVE-2010-0533): VULNERABLE

For those running the Snow Leopard version of Apple OS X, the update may be found here.  iTWire strongly recommends applying the update as soon as possible.

 

RECRUITMENT & RETENTION REPORT 2013

HIRE OR FIRE? BUY OR BUILD

2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.

If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.

GET YOUR REPORT NOW

David Heath

joomla statistics

David Heath has over 25 years experience in the IT industry, specializing particularly in customer support, security and computer networking. Heath has worked previously as head of IT for The Television Shopping Network, as the network and desktop manager for Armstrong Jones (a major funds management organization) and has consulted into various Australian federal government agencies (including the Department of Immigration and the Australian Bureau of Criminal Intelligence). He has also served on various state, national and international committees for Novell Users International; he was also the organising chairman for the 1994 Novell Users' Conference in Brisbane. Heath is currently employed as an Instructional Designer, building technical training courses for industrial process control systems.

More in this category: « How to strap on the Web 2.0 safety harness Internet Explorer update imminent »
back to top


Services

Company

Community

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1