http://www.macnn.com/articles/04/05/24/uri.exploit.in.os.x/

Mac OS X: still vulnerable to URI exploit after patch

updated 07:35 am EDT, Mon May 24, 2004

 

URI exploit in OS X


Secunia confirms that Apple's related to the previously outlined URI Handler Registration Code Execution Vulnerability, which it continues to describe as "extremely critical." Secunia says "this problem is escalated due to the fact that it by default is possible to silently download and mount disk images using two known methods (silent download and execution of 'safe' files and the 'disk' URI). Furthermore, it is reportedly also possible to mount volumes using other methods such as SMB, AFS, FTP, DAV and others."


by MacNN Staff


Comments

  1. Macaholic

    Fresh-Faced Recruit

    Joined: Mar 2002

    0

    Paranoid Android

    Seems to be the way to go for now... check out the unsanity.com website.

  1. macimmortal

    Fresh-Faced Recruit

    Joined: Aug 2001

    0

    Huh?

    Would someone PLEASE show me this web site that actually contains an exploitive link?

    And be careful before you install haxies. Not all of them work flawlessly with current OS versions and certainly not future ones.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    WTF?

    What kind of name is "Secunia"?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    Re:Huh

    Do you mean a link that demonstrates the bug, or a link that actually does something harmful? For the former, just go to unsanity's web site (if your aversion to haxies doesn't preclude you from doing this). For the latter, there are no known instances, but then again, who knows, since what could be done could very well be more sniffing than destructive.

    I laugh at the people who post around here (like they did over the weekend or last week) that this is all FUD or overblown because there's no exploit in the wild. No one says any of this when MS announces security fixes or people announce holes. They just say "Look how many security holes fill Redmond, Washington", even if no exploits exist, or even likely to appear. And then when an exploit appears afterwards (after the fix has been released) they get slammed again for having such crappy security. (And most of the slams against MS actually come from Trojans, that people have to open, lately, not viruses or worms).

    Well, Apple's got a huge security hole here, and it's only a matter of time for someone to try to exploit it. Several problems were made public, one of which was fixed. But just because there's no exploit doesn't mean it's serious. The fact is, the mere decision to open your web browser could infect your system in who knows how many ways, from trashing your home directory (and people who say "It's only my home directory, they can't touch the system" seem to miss a minor but important point: Between the two, I'd rather have my system wiped out and my home directory safe, than have my home directory wiped out and my system safe) to installing keyboard sniffers to installing trojans or viruses for malicious use later (you know, like DDOS attacks and the like).

    Mac folk really need to get their heads out of the sand when it comes to security.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    0

    Little Snitch

    BTW, on Macintouch, one of their readers (and they themselves) suggest using Little Snitch to help stop this. Anyone have any idea how this could help this problem?

  1. blidd

    Fresh-Faced Recruit

    Joined: Sep 2003

    0

    Well you should be able

    to protect yourself. If you create a new empty account for internet surfing without admin privileges, they might get access to your computer, but they won't have anything to delete, as the account is empty.

  1. Rosyna

    Forum Regular

    Joined: Aug 2001

    0

    Article flawed

    You cannot disable smb, cifs, or nfs as they are not protocol handlers.

  1. Macaholic

    Fresh-Faced Recruit

    Joined: Mar 2002

    0

    Haxies...

    Are mostly harmless and EASILY removed. I have not had any issues with Fruit Menu or WindowShade, other than the Haxie not always running correctly when a new version of the OS comes out. I think I'll stick with Paranoid Android until Apple comes out with a fix. It's certainly better than NOTHING.

  1. macimmortal

    Fresh-Faced Recruit

    Joined: Aug 2001

    0

    Re:Re:Huh? Calm down

    "No one says any of this when MS announces security fixes or people announce holes."

    That is because there are DOCUMENTED examples of people exploiting the holes in MS's crappy OS.

    "Between the two, I'd rather have my system wiped out and my home directory safe, than have my home directory wiped out and my system safe)"

    Most Mac users are smart enough to know to back up their home directory, please don't insult us. Re-installing an entire system after you get it fully configured for whatever applications you use is NOT an option for people who MUST GET WORK DONE on a deadline.

    "Mac folk really need to get their heads out of the sand when it comes to security."

    Intelligent people know the difference between a REAL threat and a PERCEIVED threat.
    Have a great day!

  1. klinux

    Senior User

    Joined: Jul 2002

    0

    Exactly

    Exactly, all it takes is for someone to post some malformed links or write a mail script to send the link out via e-mail and then you got the "in the wild" proponent fulfilled!

    This is a serious security risk and all Mac users should acknowledge the seriousness of it.
