Powered By Nikeshoestore!

Month of Apple Bugs: Week 3

Posted on 08/04/2019 | in 杭州夜生活 | by

We're back with our third look at the past week's news coming out of the Month of Apple Bugs project. As with last week's coverage, there's a healthy mix of security disclosure and internet drama in this week's reports. HangZhou Night Net

But first, the bugs themselves, which once again comprise a mix of Apple and third-party software. Let's begin with the Apple ones, which include privilege escalation vulnerabilities in several setuid binary files within the /Applications hierarchy. The most insidious problem with this particular exploit is that a clever cracker can replace one of these binaries, hence being able to take advantage of Apple's own permissions repair functionality to erase his or her tracks. Other Apple-specific bugs include a buffer overflow in the slpd (Service Location Protocol) daemon and a format string vulnerability in iChat's URL handler. Both of these issues can lead to denial-of-service conditions, and the iChat bug could theoretically allow arbitrary code execution.

The other bugs concern third-party Mac applications, such as Transmit's buffer overflow when dealing with sftp:// URIs and multiple issues with improper system() calls by Rumpus, Maxum's file management server system for Macs. The Rumpus vulnerabilities are especially concerning because the service runs with elevated privileges, so an exploit could theoretically gain control of an entire system.

Then there's the Colloquy IRC client bug, which gets the nod for this week's controversy generator. The story is a bit confusing, but as near as we can suss out it goes something like this: last Wednesday, the MoAB crew published an exploit for Colloquy involving a format string vulnerability, which included a sample exploit against an unnamed IRC channel. As it turns out, however, this unnamed channel appears to have actually been #macdev on Freenode IRC, and the MoAB crew were allegedly using the exploit against Colloquy users prior to listing it on their site. The MoAB gang denies this, while others claim to have proof of their actions. Who's right? Who knows. At any rate, it's pretty clear that the MoAB crew and the folks from Unsanity are, if possible, even less enamoured with each other than they were last week. This makes the debate over Iraq look like a parking ticket dispute, doesn't it? (By the way, the Colloquy developers released a patch later that day, so if you use the application, make sure you tell it to check for recent updates.)

At this point, about the only absolute fact is this: after three weeks of all kinds of accusations, counter-accusations, insults, veiled threats, and general internet asshattery, there are still no official fixes from Apple for any of the documented security vulnerabilities (as of this afternoon).

(However, there is an unofficial fix for the issues related to permission repair, created by a Mac Achaia poster; see this link for details.)

We also invite you again to keep up to date on the most recent developments through our forum thread on the topic.

Comments are closed.

Categories

Recent Posts

Default utility Image isoHunt.com taken offline by ISP

Fans of BitTorrent search site isoHunt discovered yesterday that the popular site had gone offline....

Default utility Image New Jersey, New York to reap the benefits of Vista

With Windows Vista's release looming, Microsoft is doing all it can to spread...

Default utility Image Ballmer on the iPhone, or whatever it will ultimately be called

HangZhou Night Net

Microsoft Steve is not impressed with...

Default utility Image MySpace offers limited parental tools; critics not impressed

MySpace is, according to one conservative author I spoke with last year, a "porn hole."...

Default utility Image Beatles to finally arrive on iTunes in February. Maybe.

Yes, yes, we know that this rumor has been floating around...

Recent Posts

Default utility Image Default utility Image Default utility Image Default utility Image Default utility Image

Recent Posts

Default utility Image isoHunt.com taken offline by ISP

Fans of BitTorrent search site isoHunt discovered yesterday that the popular site had gone offline....

Default utility Image New Jersey, New York to reap the benefits of Vista

With Windows Vista's release looming, Microsoft is doing all it can to spread...

Default utility Image Ballmer on the iPhone, or whatever it will ultimately be called

HangZhou Night Net

Microsoft Steve is not impressed with...

Default utility Image MySpace offers limited parental tools; critics not impressed

MySpace is, according to one conservative author I spoke with last year, a "porn hole."...

Default utility Image Beatles to finally arrive on iTunes in February. Maybe.

Yes, yes, we know that this rumor has been floating around...

Tag Cloud