toggle

AAPL Stock: 129.36 ( + 0.27 )

Printed from http://www.macnn.com

Researcher offers details on OS X flaw

updated 05:20 pm EDT, Thu June 29, 2006

Launchd vulnerability

A security researcher has provided details on the launchd vulnerability fixed in Apple's latest OS update. The flaw, which was patched in the Mac OS X 10.4.7 update on Tuesday, could allow unauthenticated local users to execute arbitrary code with system privileges. The launchd daemon takes the place of the cron, xinetd, mach_init, and init programs on Mac OS X systems to perform system initialization, call system scripts, and run startup items. The proof-of-concept code offers a facility for launchd to send messages to the syslog daemon via a format string vulnerability that ultimately results in root access to the host system.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Feathers

    Joined: Dec 1969

    0

    Fixed!

    And this is news how exactly..seeing as it's already been fixed? Nothing to see here, move along!

  1. testudo

    Joined: Dec 1969

    0

    Re: fixed

    Maybe its because information is good. This way, people can decide whether this vulnerability is dangerous enough to warrant updating all computers to a new, and possibly troublesome, OS update?

  1. johnsonua

    Joined: Dec 1969

    0

    Notice the route

    "could allow unauthenticated local users to execute arbitrary code with system privileges."

    This pretty much only applies to computer laboratory systems, with many users on it, because very few home and individually-owned Macs have anything but admin users...

  1. grener

    Joined: Dec 1969

    0

    gds

    wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw wc4Ujw

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

OmniPlan (OS X, iOS)

We reviewed the Omni Group's most famous Mac software, a To Do app called OmniFocus, back in June 2014, and we were impressed. Some o ...

toggle

Most Commented