Linked by Thom Holwerda on Fri 21st Apr 2006 22:08 UTC
Mac OS X Secunia said there are potential vulnerabilities in the Mac OS X operating system, first noticed by Tom Ferris. The firm described the holes as 'highly critical', meaning that systems could be compromised if crooks dive in. Secunia said the potential holes are in version 10.4.6, but other versions might be affected too.
Thread beginning with comment 117072
To read all comments associated with this story, please click here.
Let's get the real picture...
by MikeekiM on Fri 21st Apr 2006 23:25 UTC
MikeekiM
Member since:
2005-11-16

Mac OS X
Currently, 1 out of 69 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Linux Kernel 2.6.x
Currently, 14 out of 79 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Windows XP Pro
Currently, 27 out of 131 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Reply Score: 5

JustAnotherMacUser Member since:
2006-01-08

The Secunia "Mac OS X" exploit list doesn't count the ones found recently by Tom Ferris.

The "1 out of 69" was like that since the 10.4.6 update.

Reply Parent Score: 2

Finalzone Member since:
2005-07-06

Flaws in that comparison. For example, Red Hat kernel is heavily patched than the vanilla version therefore the number of advisories differ from distros to distros.

Another flaw is to compare the kernel vs the whole operating system which is pratically misleading. Here is an example of fair comparison with different operating systems:

Mac OS X
Currently, 1 out of 69 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 5 (1 month after release)
Currently, 0 out of 7 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Red Hat Enterprise 4
Currently, 0 out of 166 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 4
Currently, 0 out of 111 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Fedora Core 3
Currently, 0 out of 206 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Ubuntu 5.04
Currently, 0 out of 135 Secunia advisories, are marked as "Unpatched" in the Secunia database.

Windows XP Pro
Currently, 27 out of 131 Secunia advisories, are marked as "Unpatched" in the Secunia database.

These reports are taken on april 22nd, 2006 straight from Secunia website. You will be the judge.

Reply Parent Score: 5

somebody Member since:
2005-07-07

Wow, now if you would proceed and check locality and how critical those advisories are.

Tho more critical, the more worried you get. If they are also remote you should be panicking.

Reply Parent Score: 1

MikeekiM Member since:
2005-11-16

Wow, now if you would proceed and check locality and how critical those advisories are.

You mean like this one?

Linux Kernel Multiple Vulnerabilities
Partial Fix. Secunia Advisory 28 of 33 in 2005
Release Date:
2005-02-16 Secunia Advisory ID:
SA14295 Solution Status:
Partial Fix
Criticality:
Impact:
Unknown
Hijacking
Security Bypass
Exposure of sensitive information
Privilege escalation
DoS
Where:
From remote
Short Description:
Some vulnerabilities have been reported in the Linux kernel. These can be exploited by malicious, local users to gain knowledge of potentially sensitive information, cause a DoS (Denial of Service), or gain escalated privileges, or by malicious people to cause a DoS or bypass certain security restrictions. [Read More]

Reply Parent Score: 1