Vuln exposes soft underbelly of Mac OS X
PrintApple patch pending
Posted in Mac Channel, 27th November 2003 16:30 GMT
Free research: Application platforms, the state of play
Details of a vulnerability in Mac OS X that creates a mechanism for crackers to take over vulnerable machines has been posted on the Net.
Security researcher William Carrel released details of a vulnerability, and suggested workarounds, in advance of a fix from Apple because of what he sees as the vendor's sluggish response to the problem.
The issue stems from a flaw in Apple's Dynamic Host Configuration Protocol (DHCP) client that means a user can be tricked into logging onto a rogue server. DHCP servers manage the assignment of IP addresses on a network.
If an Apple machine is booted in a hostile environment, this vulnerability means an attacker could load malicious code and take full control of a vulnerable Mac OS X workstation or server.
Exploitation is possible in both wired and wireless environments but by far the greater risk appears to come with WLANs.
The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation and servers. Earlier versions of Mac OS X may also be vulnerable.
Carrel suggests a number of workarounds including preventing any network authorisation services from obtaining settings from DHCP, as explained here.
A fix from Apple is not expected before next month at the earliest. ®
Related Stories
Apple preps second Panther OS update
Panther bitten by second data damaging bug
Scripting flaws pose severe risk for IE users
Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter