Je viens de tomber sur cet article...
---
Hacker warns Apple Users : ' Watch those downloads '
Google
07/09/2002
A security mailing list has alerted Apple OS X users to a program that could let a hacker piggyback malicious code on downloads from the company's SoftwareUpdate service. According to the BugTraq mailing list, a hacker named Russell Harding has posted full instructions online for how to fool Apple's SoftwareUpdate feature to allowing a hacker to install a backdoor on any Mac running OS X. The exploit takes advantage of SoftwareUpdate, Apple's software updating mechanism in OS X, which checks weekly for new updates from the company. According to Harding, who claims to have discovered the exploit, the feature downloads updates over the Web with no authentication and installs them on a system. So far, there are no patches available for this problem.
Apple takes all security notifications seriously and is actively investigating this report," a company representative said. Harding stressed that the exploit is a simple one if using several well-known techniques, including domain-name service (DNS) spoofing and DNS cache poisoning. DNS spoofing is an attack where an individual seeks out a numerical IP address (for example, 1.2.3.4) corresponding to a specific Internet address (for example, www.cnet.com), but an attacker's computer intercepts the request. The attacker then sends back a false IP address that corresponds to a hostile server.
thanks snp.com
source : zone-h.org
Qu'en est-il de cette affaire aujourd'hui ? Est-ce que le problème est réglé ou il faut encore faire attention ?
article original
---
Hacker warns Apple Users : ' Watch those downloads '
07/09/2002
A security mailing list has alerted Apple OS X users to a program that could let a hacker piggyback malicious code on downloads from the company's SoftwareUpdate service. According to the BugTraq mailing list, a hacker named Russell Harding has posted full instructions online for how to fool Apple's SoftwareUpdate feature to allowing a hacker to install a backdoor on any Mac running OS X. The exploit takes advantage of SoftwareUpdate, Apple's software updating mechanism in OS X, which checks weekly for new updates from the company. According to Harding, who claims to have discovered the exploit, the feature downloads updates over the Web with no authentication and installs them on a system. So far, there are no patches available for this problem.
Apple takes all security notifications seriously and is actively investigating this report," a company representative said. Harding stressed that the exploit is a simple one if using several well-known techniques, including domain-name service (DNS) spoofing and DNS cache poisoning. DNS spoofing is an attack where an individual seeks out a numerical IP address (for example, 1.2.3.4) corresponding to a specific Internet address (for example, www.cnet.com), but an attacker's computer intercepts the request. The attacker then sends back a false IP address that corresponds to a hostile server.
thanks snp.com
source : zone-h.org
Qu'en est-il de cette affaire aujourd'hui ? Est-ce que le problème est réglé ou il faut encore faire attention ?
article original