toggle

AAPL Stock: 559.1 ( -6.22 )

MacNN News

Mac OS X web exploit not resolved by recent patch

updated 07:40 pm EST, Wed December 8, 2004

Apple web hole still open

Apple has , released last week to address a number of Apache and other vulnerabilities, "will only address the security flaw for OS X systems running the Apache web server which is shipped by default. Customers using other web servers such as 4D WebSTAR remain vulnerable the managed security specialist has claimed. In addition, those running modified versions of the Apache web server on OS X would not have received the update patch automatically, but would not necessarily realise this. The vulnerability risks allowing attackers to exploit URLs to gain access to back-end data structures and carry out website defacement or information theft."

by MacNN Staff

(3)

TAGS :

troubleshooting

Share the Article

Facebook Twitter Delious Slash Dot Digg

toggle

Comments

dashiel
Fresh-Faced Recruit

Joined: Sep 2001

0

12/08, 08:31pm | report spam | close Reply |
uhmm....

you know i hope apple does fix this, however if you're running a modified apache server or webStar i assume that you would be well on top of your security situation. at least you should be.

DesiSoftSystems
Fresh-Faced Recruit

Joined: May 2002

0

12/08, 09:16pm | report spam | close Reply |
Apple not responsible...

Just as Apple has released a fix for their special version of Apache, so any other company that serves web pages through their Mac OS X-based products are responsible for their own bug fixes, not Apple. The only way Apple could fix this the way these unknowledgable individuals are wanting is by disabling basic functionality in the operating system that permits valid users the ability to get a listing of their named forks of files via appropriate Unix functionality.

hayesk
Professional Poster

Joined: Sep 1999

0

12/09, 11:26am | report spam | close Reply |
This is bull

This is not an OS problem. Accessing data through named forks is perfectly valid. It's up to the web server developers to fix their own products so they don't serve data they shouldn't be.

Login Here

toggle

Network Headlines

05/25	Third-gen iPad coming to Philippines...
05/25	Apple to integrate Baidu search into...
05/24	Apple submits surprise optical stylus...
05/24	Yahoo releases Axis 'visual search'...
05/24	Apple airs two new Siri commercials...

Show All

05/25	Apple to integrate Baidu search into...
05/25	Google picks up webOS Enyo team, Open...
05/24	Apple submits surprise optical stylus...
05/24	Yahoo releases Axis 'visual search'...
05/24	Google�s 7-inch tablet ships next month...

Show All

05/23	Google launches redesigned Search app...
05/22	Leaked next-gen iPod touch part hints...
05/22	Hulu Plus updates with iPad Retina...
05/22	TiVo Stream to push TV to iPhones,...
05/22	Hands on: TouchType case for iPad,...

Show All

03/02	Save $330 on refurb. 15.4-inch, 2.4GHz...
03/01	Pre-owned 8GB iPod touch 2G, drops...
02/29	$150 off Nikon Coolpix S80 Compact...
02/28	Plantronics BackBeat 903 Bluetooth...
02/27	Refurb. Seagate 1.5TB GoFlex Portable...

Show All

toggle

Mac OS X web exploit not resolved by recent patch

updated 07:40 pm EST, Wed December 8, 2004

Apple web hole still open

uhmm....

Apple not responsible...

This is bull

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace

Mac OS X web exploit not resolved by recent patch

updated 07:40 pm EST, Wed December 8, 2004

Apple web hole still open

Related Articles

Recent Articles

uhmm....

Apple not responsible...

This is bull

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace