OzHub, the Macquarie Telecom-led cloud computing alliance, has come down firmly on the side of Optus over the copyright controversy surrounding Optus TV Now, warning that any moves to change the law "risk branding Australia a global luddite state."
read more
Stephen Withers
Thursday, 11 January 2007 05:27
While today's exploit uses a malformed DMG file, the the bug is more deep seated. It is within the UFS filsystem code that is shared by Mac OS X and FreeBSD. An integer overflow leads to the allocation of a negatively-sized buffer, causing a kernel panic.
"Arbitrary code execution is possible, as we control the size parameter used for buffer allocation and data is being copied directly from the stream in the DMG image," writes MoAB's LMH, adding that Apple was aware of this flaw over a month ago.
In related news, some people have complained that the proof of concept for an earlier bug disclosed by MoAB (day 7's Application Enhancer (APE) Local Privilege Escalation) did what it promised: "drop a backdoor on the system and possibly perform other hilarious operations."
In a blog post, LMH points out "The disclaimer is clear enough, and if they go around downloading and voluntarily executing random code (read, a exploit), it's certainly their responsibility to set up a properly isolated environment. Otherwise you're total jackass or plain retarded".
Loading comments ...
 |
Microsoft Office 365Try an easy-to-use set of web-enabled tools for business-class productivity services. Office 365 provides anywhere-access to email, important documents, contacts, and calendars on almost any device.  |
LATEST HEADLINES FROM YOUR IT
