Linked by Thom Holwerda on Wed 22nd Nov 2006 09:06 UTC, submitted by someone
Mac OS X The 'Month of Kernel Bugs' project has found two unpatched security vulnerabilities in the way Mac OS X handles .dmg files. The first vulnerability, rated 'highly critical' by security-firm Secunia, can lead to privilege escalation, denial of service, and system access by a remote user (if Safari's open 'safe' files option is checked). The second issue is similar in nature, in that a corrupted UDTO HFS+ .dmg can lead to a denial of service condition. A workaround for both issues is to disable Safari's option to open 'safe' files after downloading, and to not open any .dmg file from a source you do not trust.
Thread beginning with comment 184321
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: No reason for panic
by shiny on Wed 22nd Nov 2006 10:46 UTC in reply to "No reason for panic"
Member since:

This can be annoying but does NOT constitute a security problem since you cannot crash the kernel in such a way that you can actually make it execute your own code.

Why couldn't you? I thought that is exactly the way to exploit the software. Make it crash and execute your code. You mean that system becomes inoperable after kernel crash? Who guarantees you that?

Reply Parent Score: 4

RE[2]: No reason for panic
by remiss on Wed 22nd Nov 2006 10:53 in reply to "RE: No reason for panic"
remiss Member since:

If the kernel crashes it get's a kernel panic -- e.g. nothing more happens.. Who would control things if the kernel craashed?

Reply Parent Score: 4