Linked by Thom Holwerda on Fri 21st Apr 2006 22:08 UTC
Mac OS X Secunia said there are potential vulnerabilities in the Mac OS X operating system, first noticed by Tom Ferris. The firm described the holes as 'highly critical', meaning that systems could be compromised if crooks dive in. Secunia said the potential holes are in version 10.4.6, but other versions might be affected too.
Thread beginning with comment 117145
To read all comments associated with this story, please click here.
It is just me..
by Jody on Sat 22nd Apr 2006 04:47 UTC
Jody
Member since:
2005-06-30

Or does anyone else think calling something "Critical" or "Highly Critical" without stating if it is locally or remotely exploitable overly vague?

Is it local or remote?
Does it require a less privileged account on the system?
If remote does it impact a "default" install?
Does exploiting require user action (browser etc.)?

There is a light year of difference between local account escalation and a remote vuln in a default running service. I hate how everything is simply lumped into "Critical".

I should not have to click through 6 links and read the entire fluffed report to get this information.

We have standards for everything else, how hard would it be to break it down into "Critical (status 1)" or "Critical (status 5)" depending on actual potential for exploit?

Edited 2006-04-22 04:51

Reply Score: 3

RE: It is just me..
by dr_gonzo on Sat 22nd Apr 2006 12:48 in reply to "It is just me.. "
dr_gonzo Member since:
2005-07-06

I presume they're remote exploits since they involve Safari browsing a dodgy web page.

Did you read the information on the exploits? It was pretty clear.

Reply Parent Score: 1