Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: Question about Mac OS X 10.4 Security
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 2 Mar 2006 13:33:56 -0000
Paul Schmehl wrote:

--On Thursday, March 02, 2006 08:57:18 +1100 mz4ph0d () gmail com wrote:


Sorry to spoil everyone's fun.
<http://docs.info.apple.com/article.html?artnum=303382>

Maybe, just maybe, Apple are actually better (able/positioned) to
respond quickly to vulnerabilities before the exploits in-the-wild
affect more than 50 people? Who knows.


It doesn't look like it.  They seem to have addressed the
vulnerability as it applies to Safari, but not the underlying
vulnerability.


  I don't know how you deduce that Z was referring to the Safari problem(s), 
I thought it might have been the one about the mailer failing to warn for 
some unsafe attachment types.


If I send you an email, with a zip attachment (naming
and extension is irrelevant), and I can get you to attempt to open
the attachment (fairly trivial with many users), I can execute
abitrary code on your machine.  The only "restriction" is that, if I
attempt to execute code that requires admin privileges, I'd have to
convince you to type in your password (again, fairly trivial for most
users.)


  Exactly.  Some of the most successful viruses recently have arrived inside 
encrypted zip files, with a GIF as an attachment, that contains a password 
in graphical format, and the user has to open the gif attachment and note 
down the password and open the zip and enter the password and extract the 
executable and run it.

  And they /did/, in their droves.

  No matter what kind of protection Apple put in place, no matter how 
quickly they fix drive-by-install vulnerabilities, no matter how big the 
warning dialog that mail pops up when it detects executable files and even 
if it isn't spoofable - people will still do it.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]