Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers
MoAB day five reveals 'in the wild' exploit E-mail
by Stephen Withers   
Saturday, 06 January 2007
Day five of the Month of Apple Bugs has uncovered a vulnerability that is said to be being exploited in the wild.

Featured Whitepaper

5 Best Practices for Smartphone Support
The Apple DiskManagement BOM Local Privilege Escalation Vulnerability describes a problem whereby the permissions repair process can be tricked into setting incorrect and inappropriate privileges for particular locations.

This situation can then be exploited to "plant a backdoor, overwrite resources or simply gain root privileges." One example presented involves the creation of malicious cron tasks for the root user. Cron is a system function that runs tasks according to a schedule, such as the overnight system maintenance tasks. Cron tasks for the root user run with root privileges, which means they can do anything.

A temporary fix is said to be to remove the setuid bit from DiskManagementTool and to check that the system hasn't already been compromised by comparing the hashes of specified receipt files with those of a new installation.

Yesterday's iPhoto vulnerability has been patched by Finlay Dobbie, a member of Landon Fuller's MOAB Fixes group. "His patch guards the -[SubscribedAlbum registerPublishError:withTitle:] method, escaping all occurances of '%' in the title argument," wrote Fuller.

The latest MOAB Fixes APE (Application Enhancer module) also updates the fix for the QuickTime HREFTrack vulnerability, providing additional protection by only allowing http, https and ftp URLs in a movie's HREFTrack. Credit goes to William Carrel.

The next release will remove the patch for VLC 0.8.6, so users of that media player should install version 0.8.6a before moving to MOAB Fixes 5.0.{moscomment}

Tags See All Tags


Apple  Macintosh  Malware  Software  Stephen Withers 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More
1