RE: 3 OS X security vulnerabilities

From: E. Bond Francisco <ebondf_at_uclink.berkeley.edu>
Date: Wed Oct 29 2003 - 08:51:26 PST

Lucas,

Thanks for the info. When someone actually starts to exploit these and us
Macophiles are running around at midnight patching our beloved machines, we
can wear that as a badge of honor that the Mac has finally arrived. Panther,
by the way, is very nice to work with.

Bond

-----Original Message-----
From: owner-magnet-list@uclink4.berkeley.edu
[mailto:owner-magnet-list@uclink4.berkeley.edu] On Behalf Of Lucas Rockwell
Sent: Wednesday, October 29, 2003 8:35 AM
To: magnet-list@uclink.berkeley.edu
Subject: [MAGNet] 3 OS X security vulnerabilities

Hi all,

@stake has issued 3 security advisories in regard to OS X 10.2.8 and below.

At this point the recommended fix is to upgrade to Panther. However, @stake
does offer a solution for the insecure file permissions problem. (See
advisory for more details.)

news.com has a story about it:

http://news.com.com/2100-1016_3-5098688.html?tag=nefd_top

@stake advisories:

http://www.atstake.com/research/advisories/2003/

http://www.atstake.com/research/advisories/2003/a102803-3.txt
Advisory Name: Long argv[] Buffer Overflow
 Release Date: 10/28/2003
  Application: Mac OS X
     Platform: Mac OS X (10.2.8 and below)
     Severity: Attacker can crash Mac OS X and possibly execute
               commands as root

http://www.atstake.com/research/advisories/2003/a102803-2.txt
Advisory Name: Systemic Insecure File Permissions
 Release Date: 10/28/2003
  Application: Finder (and many others)
     Platform: Mac OS X 10.2.8 and below
     Severity: High

http://www.atstake.com/research/advisories/2003/a102803-1.txt
Advisory Name: Arbitrary File Overwrite via Core Files
 Release Date: 10/24/2003
  Application: Kernel
     Platform: Mac OS X 10.2.8 and below
     Severity: High

-lucas

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about MAGNet, its meetings and events, and its mailing list,
including information on subscribing and unsubscribing, see the MAGNet Web
site at <http://magnet.berkeley.edu/>.

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Wed Oct 29 08:53:23 2003

This archive was generated by hypermail 2.1.8 : Wed Oct 29 2003 - 08:53:23 PST