Bugs in Apple (MoAB)
January 2007
Bug found in Apple security patch software.
The group behind the Month of Apple Bugs (MoAB) project has found a flaw in software designed to fix security issues on Apple Macs. The vulnerability affects the Application Enhancer (Ape) software, which was designed by a rival group trying to combat the flaws highlighted by MoAB. The bug could allow malicious users on a local system to replace Ape's binary code and take control of the root privileges on a computer. "Like the previous local exploits, this could be combined with a remote exploit to gain root privileges from an administrator account without user interaction," said Landon Fuller, author of the Ape software, on his blog. "There are also a number of alternative exploit conditions that could occur due to the admin_writability of other directories in /Library."
Source: http://www.vnunet.com/vnunet/news/2172335/apple_flaw_found_s ecurity_patch
Bug found in Apple security patch software.
The group behind the Month of Apple Bugs (MoAB) project has found a flaw in software designed to fix security issues on Apple Macs. The vulnerability affects the Application Enhancer (Ape) software, which was designed by a rival group trying to combat the flaws highlighted by MoAB. The bug could allow malicious users on a local system to replace Ape's binary code and take control of the root privileges on a computer. "Like the previous local exploits, this could be combined with a remote exploit to gain root privileges from an administrator account without user interaction," said Landon Fuller, author of the Ape software, on his blog. "There are also a number of alternative exploit conditions that could occur due to the admin_writability of other directories in /Library."
Source: http://www.vnunet.com/vnunet/news/2172335/apple_flaw_found_s ecurity_patch
posted by arkietechs at 7:32 AM
0 Comments:
Post a Comment
<< Home