toggle

AAPL Stock: 500.83 ( + 3.16 )

MacNN News

Researcher offers details on OS X flaw

updated 05:20 pm EDT, Thu June 29, 2006

Launchd vulnerability

A security researcher has provided details on the launchd vulnerability fixed in Apple's latest OS update. The flaw, which was patched in the Mac OS X 10.4.7 update on Tuesday, could allow unauthenticated local users to execute arbitrary code with system privileges. The launchd daemon takes the place of the cron, xinetd, mach_init, and init programs on Mac OS X systems to perform system initialization, call system scripts, and run startup items. The proof-of-concept code offers a facility for launchd to send messages to the syslog daemon via a format string vulnerability that ultimately results in root access to the host system.

by MacNN Staff

(4)

TAGS :

troubleshooting

Share the Article

Facebook Twitter Delious Slash Dot Digg

toggle

Comments

Feathers
Grizzled Veteran

Joined: Oct 1999

0

06/29, 06:31pm | report spam | close Reply |
Fixed!

And this is news how exactly..seeing as it's already been fixed? Nothing to see here, move along!

testudo
Fresh-Faced Recruit

Joined: Aug 2001

0

06/30, 10:07am | report spam | close Reply |
Re: fixed

Maybe its because information is good. This way, people can decide whether this vulnerability is dangerous enough to warrant updating all computers to a new, and possibly troublesome, OS update?

johnsonua
Fresh-Faced Recruit

Joined: Aug 2003

0

06/30, 04:06pm | report spam | close Reply |
Notice the route

"could allow unauthenticated local users to execute arbitrary code with system privileges."

This pretty much only applies to computer laboratory systems, with many users on it, because very few home and individually-owned Macs have anything but admin users...

grener
Banned

Joined: Jul 2006

0

08/04, 11:09am | report spam | close Reply |
gds

wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw

Login Here

toggle

Network Headlines

02/16	Mountain Lion updates to be funneled...
02/16	Apple shifts schedules for OS X updates...
02/16	Cook sees merging of notebooks, tablets...
02/16	Apple claims backing for rights to...
02/16	Intel may push Ivy Bridge back to June...

Show All

02/16	Cook sees merging of notebooks, tablets...
02/16	Apple claims backing for rights to...
02/16	Intel may push Ivy Bridge back to June...
02/16	Ex-Olympus President, other execs,...
02/15	Sony completes Ericsson stake buyout...

Show All

02/16	Cook sees merging of notebooks, tablets...
02/15	Apple upgrades iBookstore with screenshots...
02/15	Congress asks Apple to answer questions...
02/14	Apple attempting to disrupt Siri hacks...
02/14	Readability iOS app delayed, Android...

Show All

02/16	Garmin nuvi 4.3-inch Portable GPS Navigator...
02/15	Monster iCarPlay Wireless FM Transmitter...
02/14	Refurb. 16GB iPhone 4, now only $259...
02/13	Refurb. Flip UltraHD Pocket Digital...
02/10	$380 off refurbished 2.8GHz Mac Pro...

Show All

toggle

Researcher offers details on OS X flaw

updated 05:20 pm EDT, Thu June 29, 2006

Launchd vulnerability

Fixed!

Re: fixed

Notice the route

gds

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace

Researcher offers details on OS X flaw

updated 05:20 pm EDT, Thu June 29, 2006

Launchd vulnerability

Related Articles

Recent Articles

Fixed!

Re: fixed

Notice the route

gds

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace