Vulnerabilities in Mac OS X -

  Andsome 07:11 01 Nov 2003

- Vulnerabilities in Mac OS X -
Oxygen3 24h-365d, by Panda Software (click here)

Madrid, October 31, 2003 - @stake has reported (*) two vulnerabilities that
affect Mac OS X 10.2.8 and earlier versions. The security implications of
these flaws range from crashing the system to running commands as root.

The first of these vulnerabilities can cause the Mac OS X kernel to crash
when a long command line argument is specified. When this happens, the
system will immediately block, without generating any log files or
displaying any error messages, and users will not be able to perform any
tasks. After several minutes, the computer will restart.

A more sophisticated exploit of this vulnerability could allow an attacker
to use an overflow in the kernel to run arbitrary commands as root, with
maximum privileges in the system.

The second flaw lies in the fact that many applications are installed in Mac
OS X with insecure permissions. This could allow a malicious user to
overwrite files and directories and obtain confidential information.

Until the patches for the different versions are released, users whose
computers are affected by these vulnerabilities can upgrade to Panther (Mac
OS X 10.3). More information at: click here

(*) The @stake security advisories are published at:
click here
click here

NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the


The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's
free online scanner: 1) Bugbear.B; 2) Blaster; 3) Gibe.C; 4) Parite.B; 5)

To unsubscribe from Oxygen3 24h-365d, please visit:
click here

To contact with Panda Software, please visit:
click here

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Mi Mix 3 UK Review: Xiaomi's Flagship Slides Into The UK

12 character artists you should know about in 2019

iPad mini 5 release date, price & specs rumours

Test : l’enceinte Bluetooth BW-AS2 de Blitzwolf