news of 2003-11-27



Another Security Hole in Mac OS X

Read all about it here.
An excerpt:

"Vulnerability: Malicious DHCP response can grant root access

Affected Software
Mac OS X 10.3 (all versions through today's date)
Mac OS X Server 10.3 (all versions through today's date)
Mac OS X 10.2 (all versions through today's date)
Mac OS X Server 10.2 (all versions through today's date)
Probably earlier versions of Mac OS X and Mac OS X Server
Possibly developer seeded copies of future versions of Mac OS X

Abstract
A series of seemingly innocuous default settings can cause an affected Mac OS X machine to trust a malicious machine on a network for user, group, and volume mounting settings."


Apple has been notified of this issue. It is not currently known whether Apple is issuing this security hole with 10.3.2. It is assumed that a separate security update will be released at the beginning of next week, as this has to be taken seriously. You'll find workarounds in the linked article.

[ written by fryke™ on 2003-11-27 at 00:34 CET ]
[ e-mail comments/info ] - [ story link ] - [ back to top ]



© 2001-2004 by fryke™ - if you want to reference our articles in your publications (on- or offline),
please mention macnews.net.tc and use the story links below each article. thank you. - this site is served on linux, using
apache and blosxom, it is maintained using a macintosh. we thank all of our sources for their information and trust.