Month of Apple Bugs & Fixes

Search
Archives
Categories
- News (103)
- Tips (50)
- Tools (210)
  - Anti-Spam (19)
  - Anti-Spyware (22)
  - Anti-Virus (24)
  - Content Filtering (20)
  - Disassembler (4)
  - Encryption (33)
  - Firewall (27)
  - Forensics (12)
  - Freeware (149)
  - Hardware (22)
  - IDS/IPS (43)
  - Linux/Unix (125)
  - Live CD (8)
  - Network (157)
  - OSX (80)
  - Packet Sniffer (32)
  - Password Cracker (8)
  - Patch Management (9)
  - Port Scanner (24)
  - Proxy (14)
  - VPN (16)
  - vulnerability Scanner (54)
  - Windows (123)
  - Wireless (17)
Books

Security Books

Apple-Worm Security researcher who asked to be identified by his online alias “LMH” in on the hunt for previously undisclosed security bugs in Apple Mac OSX and applications that run on it, every day on this month of January 2007. This is the same researcher who in November ran the Month of Kernel Bugs project. Apple will not receive any advanced notice of the security bugs. The researchers hope that this will dispel the perception that Apple systems are free of the security bugs that have long plagued Windows users.

“OS X users still think their system is bulletproof, and some people are interested on making it look that way,” LMH told the Washington Post in an interview conducted in instant message.

Bugs
As of writing this, 6 bugs are already disclosed in the MOAB project page:

1. Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow
A vulnerability in the handling of the rtsp:// URL handler allows remote arbitrary code execution.

2. VLC Media Player udp:// Format String Vulnerability
A vulnerability in the handling of the udp:// URL handler allows remote arbitrary code execution.

3. Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
A vulnerability in the handling of the HREFTrack field allows to perform cross-zone scripting, leading to potential remote arbitrary code execution.

4. iLife iPhoto Photocast XML title Format String Vulnerability
A format string vulnerability in the handling of iPhoto XML feeds title field allows potential remote arbitrary code execution.

5. Apple DiskManagement BOM Local Privilege Escalation Vulnerability
A vulnerability in the handling of BOM files by DiskManagement/diskutil allows to set rogue permissions on the filesystem. This can be used to execute arbitrary code and escalate privileges.

6. Multiple Vendor PDF Document Catalog Handling Vulnerability
The current PDF specification is affected by a design flaw, a rogue Pages entry or malicious catalog dictionary could cause a denial of service (memory corruption condition, memory leakage, etc) or potential arbitrary code execution in the reader application.

Fixes
Landon Fuller, programmer and former Apple BSD engineer, has offered to try and provide fixes for the exploits that appear during this Month of Apple Bugs. He’s already provided an workaround solution for the first bug in QuickTime vulnerability and VLC team has released a new version 0.8.6a addressing the problem. So, now we have a team hunting the bugs and another patching them.

Posted by Niranjan on January 7th, 2007 in News |

(No Ratings Yet)

Loading ...

You might be interested in these as well:

One Response to 'Month of Apple Bugs & Fixes'

Subscribe to comments with RSS or TrackBack to 'Month of Apple Bugs & Fixes'.

Security Tools News & Tips » Blog Archive » Apple fixes QuickTime - the first patch to ‘Month of Apple Bugs’ flaw said,

on January 25th, 2007 at 10:25 am

[...] Apple has released a patch to the highly critical QuickTime flaw discovered at Month of Apple Bugs project. Available for: QuickTime 7.1.3 on Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.8, Mac OS X Server v10.4.8, Windows XP/2000 [...]

Security Tools News & Tips

Search

Archives

Categories

Books

Featured

Subscription

Popular

Security Alerts

Security Sites

Vulnerabilities

Month of Apple Bugs & Fixes

One Response to 'Month of Apple Bugs & Fixes'

Post a comment