iTWire - Say Bonjour to latest Apple Bug

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

Say Bonjour to latest Apple Bug

Say Bonjour to latest Apple Bug

E-mail

by Stephen Withers
Tuesday, 30 January 2007
iChat has again been targeted by the Month of Apple Bugs project, with the latest disclosure revealing a pair of denial of service vulnerabilities relating to features using Bonjour, Apple's implementation of zero-configuration networking. Featured Whitepaper 5 Best Practices for Smartphone Support The first bug is that if a malicious program repeatedly advertises a user's presence via Bonjour, iChat will keep adding that user to the contacts list, "successfully block[ing] iChat users using Bonjour from discovering further peers in the network and having reliable communications." The second is that a maliciously crafted record can be used to crash the iChat Agent. The problem recurs if iChat's Bonjour capability is restarted, as the record is cached by mDNSresponder (Bonjour's service discovery daemon). According to LMH, "These particular issues can't be abused for arbitrary code execution" but they "can be abused remotely affecting numerous users given that they can be reached via service advertisements." The suggested workaround is to avoid using iChat with Bonjour (you probably don't, unless you use iChat within your organisation) or to disable mDNSresponder (not a great option if you use other applications or services that rely on Bonjour). In related news, the MoAB Fixes group has released its latest Application Enhancer module, including patches for the Software Update (January 24), Installer (January 26) and Flip4Mac (January 27) bugs. Telestream is reportedly working on an official fix for the Flip4Mac bug and will incorporate it in the next release.{moscomment} Tags See All Tags Apple Macintosh Malware Security Software Stephen Withers Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking