New Mac OS X Exploit; High Risk (Downloads)

22 11 2006

Mac OS X Apple UDTO HFS+ Disk Image Denial of Service (1) [via] Month of Kernel Bugs (MoKB)

From what I hear this is the shizzle for killing a Mac:

Mac OS X fails to properly handle corrupted UDTO HFS+ image structures (ex. bad sectors), leading to an exploitable denial of service condition. Although it hasn’t been checked further, memory corruption is present under certain conditions (in this particular case, unlikely to allow arbitrary code execution).

This issue probably exists in FreeBSD as well, although it can’t be trigerred in the same manner. Thus, a future MoKB release will cover related filesystem bugs verified for FreeBSD.

This issue is remotely exploitable as Safari loads DMG files from external sources (ex. visiting an URL). This can be prevented by changing the Preferences and deactivating the functionality for ‘opening “safe” files after downloading’.

The following DMG image can be used to reproduce the bug: MOKB-21-11-2006.dmg.bz2

bunzip2 MOKB-21-11-2006.dmg.bz2 && hdiutil attach MOKB-21-11-2006.dmg

For Safari users feeling lucky, at: MOKB-21-11-2006.dmg

Nice one there MoKB!!

BTW – Anyone interested in haxxxoring the Mac OS should probably get this app for their Mac: Apple Xcode




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: