iTWire - Say Bonjour to latest Apple Bug

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

Say Bonjour to latest Apple Bug

Say Bonjour to latest Apple Bug

E-mail

by Stephen Withers
Tuesday, 30 January 2007
iChat has again been targeted by the Month of Apple Bugs project, with the latest disclosure revealing a pair of denial of service vulnerabilities relating to features using Bonjour, Apple's implementation of zero-configuration networking. Featured Whitepaper 5 Best Practices for Smartphone Support The first bug is that if a malicious program repeatedly advertises a user's presence via Bonjour, iChat will keep adding that user to the contacts list, "successfully block[ing] iChat users using Bonjour from discovering further peers in the network and having reliable communications." The second is that a maliciously crafted record can be used to crash the iChat Agent. The problem recurs if iChat's Bonjour capability is restarted, as the record is cached by mDNSresponder (Bonjour's service discovery daemon). According to LMH, "These particular issues can't be abused for arbitrary code execution" but they "can be abused remotely affecting numerous users given that they can be reached via service advertisements." The suggested workaround is to avoid using iChat with Bonjour (you probably don't, unless you use iChat within your organisation) or to disable mDNSresponder (not a great option if you use other applications or services that rely on Bonjour). In related news, the MoAB Fixes group has released its latest Application Enhancer module, including patches for the Software Update (January 24), Installer (January 26) and Flip4Mac (January 27) bugs. Telestream is reportedly working on an official fix for the Flip4Mac bug and will incorporate it in the next release.{moscomment} Tags See All Tags Apple Macintosh Malware Security Software Stephen Withers Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

NETSUITE ANNOUNCES Q3 09 RESULTS

AVG (AU/NZ) Wins Computer Troubleshooters Vendor of the Year Award for the Second Year

Mobile & Wireless VoIP on the Apple iPhone

AVG (AU/NZ) Growing Fast in an Economy Looking for Security

...Promote your press-releases here

Latest jobs

Assistant Documentation Developer - Macros, Templates
Server Specialist/Team Leader
Database Guru - Sybase / MS Server / SQL DB
Mainframe Customer Support Manager
Network Architect / Team Leader
Senior Performance Tester
Senior SAP FICO Analyst
Test Lead
Murex Analyst Programmer
Technical Consultant

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Business & IT Transformation Roles

Systems Analysts	Business Process Analysts
Test Analysts	Business Analysts
Business Readiness Analysts

Project C

stats for wordpress

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking