- CNET NETWORKS UK BUSINESS SITES:
- atlarge.com
- BNET UK
- silicon.com
- SmartPlanet.com
- ZDNet.co.uk
Multiple-user Macs most at risk...
By Joris Evers
Published: 3 October 2006 08:20 BST
Computer code that exploits a flaw in Apple's Mac OS X was released over the weekend.
The code takes advantage of a weakness in core parts of Mac OS X and could let a user gain additional privileges. Apple provided a fix for the error-handling mechanism of the kernel last week but the exploit appears to have been authored before then.
Dino Dai Zovi, a researcher with Matasano Security who was credited by Apple with discovering the flaw when the patch was released, said: "It appears to have been written well before the vulnerability was fixed. It appears to be a zero-day exploit and may have been distributed before the patch was released."
Apple representatives did not immediately return calls for comment.
Public exploits, while common for Microsoft's Windows, are a rarity for Mac OS X. Dai Zovi said: "More people are looking for vulnerabilities in Mac OS X."
The vulnerability could be exploited by a local attacker or someone with privileges to remotely log on to a machine. Macs that are used by multiple people as well as servers with remote access capabilities are most at risk, experts said. A user with limited privileges could exploit the flaw to possibly gain full system access.
Dai Zovi added: "The risk presented by this exploit is limited by the fact that it can only be exploited by a logged-in user, although the user may also be logged in remotely. The issue is also mitigated by the fact that a patch has already been released."
MacOS X by default checks for updates weekly, which means most Mac OS X systems will not be vulnerable much longer.
The exploit as it was publicly released does not do anything destructive, instead it runs the "/usr/bin/id" utility to show that the user enjoys full administrator privileges.
Matthijs van Duin, creator of the exploit, said: "I can then make it do anything I want. An ill-intended person with at least some skill could modify it to spawn a root shell."
Dai Zovi agreed - a knowledgeable user can easily replace or modify the exploit payload to run a full-access root shell, he said.
Joris Evers writes for CNET News.com
Excellent IT and systems knowledge; Flexibility over support hours; Must be enthusiastic, bright, and flexible; Essential software/hardware skills: ...
This person will have some Windows experience as well as technical experience with the following: Mac OS X Workstation Tiger (+Leopard desirable), ...
This means you could be utilising and certainly learning technical skills in Apple Mac, Mac OSX, programming (PHP/Actionscript)/Java for e.g.and even ...
CIO Agenda 2008
The exclusive silicon.com CIO Agenda 2008 survey looks at the CIO's tech shopping list for the year, examines whether IT budgets are rising or falling and reveals what the pain points are for tech chiefs this year. Find out more in our latest special report.
Staffing Service Coordinates Sales Activities, Utilizes Business Intelligence With...
Teachers Association Turns to Centralized Data Repository to Improve Member Service
Financial-Software Leader Credits Productivity Boost, Reduced IT Costs to 2007 Software
Staying Ahead of the Curve: Oracle Database 11g vs. Microsoft SQL Server 2005
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
RSS Feeds
silicon.com Dear silicon.com... XP lives, the femtocell 'truth', BlackBerry bashing… Reader Comments of the Week
Martin Brampton The Brampton Factor: Open source 'brotherhood' closed to co-operation Where's the real sharing?