Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers
Rumpus over FTP flaws E-mail
by Stephen Withers   
Saturday, 20 January 2007
The latest Month of Apple Bugs disclosure mentions multiple vulnerabilities in Rumpus, an FTP server for Macintosh.

Featured Whitepaper

5 Best Practices for Smartphone Support
To quote from the disclosure, "rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues. Due to the fact that Rumpus works under root privileges, successful exploitation by unprivileged users would allow a full compromise of the system."

Some of these are said to be remotely exploitable, others only locally - though they can be exploited by non-admin users.

The suggested workaround is to limit access to Rumpus from remote hosts, but "There's no workaround for some of the local privilege escalation issues".

Alternative FTP servers for Mac OS X include CrushFTP and PureFTPd Manager).{moscomment}

Tags See All Tags


Apple  Macintosh  Malware  Security  Software  Stephen Withers 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More
1