Penetration Testing: Re: Apple pentesting

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: Apple pentesting

From: Thomas Stromberg <tstrombe () indiana edu>
Date: Tue, 05 Apr 2005 14:51:36 -0500

Todd Towles wrote:

Nessus does work against Macs, the problem with testing Macs is they
never released vulnerability statements..never. If a hole is found,
Apple releases a patch and no ones says anything. If Microsoft did

this..everyone would go crazy.


See http://docs.info.apple.com/article.html?artnum=61798

You will find a list of what components each patch affects, along withthe CVE ID. Heck, they even give credit to the discoverers of eachexploit. While I can't say for sure that they have never snuck patchesin for unrelated issues, I've found it a worthwhile resource.


--
//  Thomas Stromberg, 812.855.8450
//  UNIX Coordinator, Chemistry IT Group
//  Indiana University Bloomington

By Date By Thread

Current thread:

Re: Apple pentesting, (continued)
- Re: Apple pentesting Erik Winkler (Apr 05)
- Re: Apple pentesting Mike (Apr 06)
- RE: Apple pentesting Todd Towles (Apr 05)
  - Re: Apple pentesting Daniel (Apr 05)
  - Re: Apple pentesting sam f. stover (Apr 05)
  - Re: Apple pentesting Thomas Stromberg (Apr 05)
  - Re: Apple pentesting Thomas Hardly (Apr 06)
- RE: Apple pentesting Altheide, Cory B. (IARC) (Apr 05)
- RE: Apple pentesting Todd Towles (Apr 05)
  - Re: Apple pentesting Daniel (Apr 06)
- RE: Apple pentesting Altheide, Cory B. (IARC) (Apr 05)