Subscribe via feed.

Mac OS X flaws exposed

Posted by deepquest on October 30, 2003 – 5:53 am

US-based security-research company @Stake has warned of newly discovered vulnerabilities affecting the Mac OS X operating system.

The company released three advisories this morning. The first details “systemic” flaws in the way OS X handles file and directory permissions, while the second details a kernel level vulnerability that does not affect default installations of the operating system. The third involves a buffer overflow condition that may be remotely exploitable.

Controversially, Apple has not yet released patches for the security issues. @Stake has advised Mac users to upgrade to the latest Apple operating system, which is not vulnerable to the flaws. The operating system, OS X 10.3, or Panther, is priced at $129.

According to the first advisory, some applications are installed on Mac OS X systems with insecure file permissions, so “many of the files and directories that compose various applications are globally writable”. The problem with that, according to @Stake, is it allows attackers with limited access to the system to replace program files with files of their choice, thus obtaining “additional privileges from unsuspecting users, who may run the replaced version of the binary [file]”.

“These Trojan binaries would escalate the privileges of the attacker to the privileges of the unsuspecting user who ran them,” it explains.

The second issue identified by @Stake, which only affects non-default installations, may allow attackers to steal authentication details of other users on a system they have restricted access to.

“In the event a system is running with core files enabled, attackers with interactive shell access can overwrite arbitrary files, and read core files created by root owned processes. This may result in sensitive information like authentication credentials being compromised,” the advisory reads.

@Stake’s research director, Chris Wysopal, said there’s no technical reason a freely downloaded patch can’t be released for earlier versions of the operating system. “The file permission problem is pretty serious,” he said. “This is only a local [vulnerability] but is bad in environments where Macs are shared, such as colleges and libraries.”

more details from [url=http://www.silicon.com/software/security/0,39024655,39116662,00.htm]Silicon.com[/url]


This post is under “Apple” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »