Technology news and Jobs 
Information Technology News Say Bonjour to latest Apple Bug
Information Technology News Say Bonjour to latest Apple Bug | Say Bonjour to latest Apple Bug |
|
| by Stephen Withers | |
| Tuesday, 30 January 2007 | |
      
The first bug is that if a malicious program repeatedly advertises a user's presence via Bonjour, iChat will keep adding that user to the contacts list, "successfully block[ing] iChat users using Bonjour from discovering further peers in the network and having reliable communications." The second is that a maliciously crafted record can be used to crash the iChat Agent. The problem recurs if iChat's Bonjour capability is restarted, as the record is cached by mDNSresponder (Bonjour's service discovery daemon). According to LMH, "These particular issues can't be abused for arbitrary code execution" but they "can be abused remotely affecting numerous users given that they can be reached via service advertisements." The suggested workaround is to avoid using iChat with Bonjour (you probably don't, unless you use iChat within your organisation) or to disable mDNSresponder (not a great option if you use other applications or services that rely on Bonjour). In related news, the MoAB Fixes group has released its latest Application Enhancer module, including patches for the Software Update (January 24), Installer (January 26) and Flip4Mac (January 27) bugs. Telestream is reportedly working on an official fix for the Flip4Mac bug and will incorporate it in the next release.{moscomment} |
Tags
| < Next story in category | Previous story in the category > |
|---|
