Domain: frsirt.com
Stories and comments across the archive that link to frsirt.com.
Comments · 39
-
Re:Newbie Question
How so? What I said is exactly that. On an unformatted disk you get three options, 1- use the whole disk, 2- custom partition, and.. wait. there's only two.
I can't figure out what I mean by me over simplifying it because that's what it is, simple.
You word it so that the Windows partitioning step looks like it involves more steps than the Ubuntu stage, when both systems have a partition stage. You even have the user create a new partition for some reason when their disk is most likely already partitioned, and all they have to do is press Enter.
I did that because Ubuntu comes with Office software already on the disk.
You do realise that people use office software, don't you?
Again (since you're being purposely obtuse), you cite Ubuntu's inclusion of OpenOffice as an advantage while pretending that versions of Office don't already come preinstalled on PCs or even on the OEM Windows recovery install disc included with the PC. Dell even has a CD with an app that lists all the bundled applications available, and you can just click their names. OpenOffice is also a free download for Windows.
This is nonsense, how can you do a fair comparison of installing the operating system on a custom PC and come up with "the vendor disk".
Why wouldn't I? What is unfair about pointing out that Windows almost always comes with Office as well? And if it doesn't, OpenOffice is a free download for Windows too. I really don't see the point of even bringing it up as an advantage.
It's totally irrelevant anyway because it's still not a click install even with the vendor disk. Which was my whole point in the first place.
There's no such thing as a "click install," especially with Linux.
Yes because it would be irresponsible not to download updates for Windows. It's so important that your box can get owned in less than 4 minutes.
-
Re:Correction of Corrections!
Ok, I will take a last shot - Explain to me why on the "Sandboxed" iPhone 2 OS Safari can still be exploited to execute *arbitrary* code - http://support.apple.com/kb/HT3129 ?
Because no sandbox is 100% free of ways to get out of it.
As noted, that goes for Java too.
If the Java application was vulnerable and some malicious hacker causes the instruction to execute native code to be loaded - it's just going to be caught by the Virtual CPU as a VM policy violation and you will get a nice permission denied type exception dialog.
That's very naive. That's what normally happens but as noted, there are ways around that just as with any system, to exploit flaws in the VM itself.
Sandboxes are great but any system must take a defense in depth approach, because you cannot rely on one system only (like VM sandboxing) for security restrictions.
-
Re:Let's see some truthful tagging
Let me just point out, you can use an apple PC without running quicktime OR safari.
And since it's based off FreeBSD, there are really easy ways to harden the OS against exploits, like with any unix or unix-a-like OS variant. (like chflag aka chattr on linux)
and if you REALLY want to harden an apple system there is Darwin.
I mean, at least someone with some common sense can add a nice layer of security for apple without adding anything more than a replacement for safari and removing quicktime.
For windows security you need to run vista, or have a hardware firewall to protect your XP machine... Is it just me or is an OS with 58 'unpatched' vulnerabilities not somehow worse?
http://www.frsirt.com/english/Unpatched-Microsoft-Vulnerabilities.php
I know the safari vulnerability is pretty serious, but is it not as equally serious as the ActiveX Control Dialog Box Security Bypass Vulnerability, that is still unpatched on XP? I mean think of the dancing bunnies problem of internet security, a dancing bunnies site could easily use the activex bypass to install malware, on millions of XP machines. -
Any protection is NOT better than no protection
Now, don't get me wrong, *any* protection is obviously better than none
That is not obvious. It's even wrong.
There are several examples of protection software which actually weakened the host PC because the software added new vulnerabilities which were open for remote exploits. A quick Google search revealed these examples:
Norton Anti-virus: http://blogs.zdnet.com/threatchaos/?p=334
Clam Anti-virus: http://www.zerodayinitiative.com/advisories/ZDI-05-002.html
Kerio and Tiny Personal Firewall: http://www.derkeiler.com/pdf/Mailing-Lists/securityfocus/bugtraq/2003-05/0099.pdf
NOD32 Anti-virus: http://www.frsirt.com/english/advisories/2007/1911
Check Point Firewall-1: http://secunia.com/advisories/10794/ -
Re:What is Microsoft's reason for silence?
http://www.frsirt.com/english/advisories/2007/3182. More and the latest vulnerabilities about Microsoft.
-
What Flash can do
Dan Kaminsky has done some research into this. If you combine Flash with a DNS rebinding attack, interesting things can happen that wouldn't happen without Flash (which is to blame for a fire, the fuel or the air?).
Scary web threats (HTML version)
Scary web threats (Powerpoint)
How confident can we be that there are no more remote command execution vulnerabilities in the Flash player?
The designed security measures are only part of the puzzle when something is in the field. -
Re:Dadvsi again ?
I felt very sad when FrSirt pulled their PoC exploits off the net. It's a shame!
Generally, the whole European Cybercrime Convention is very sad. I for one do not welcome our new data retention legislation overlords, they shall go to hell!
I think it's time for someone to found a new resistance movement leading us to the revolution that will not be televised. Anyone willing to apply for the job? No? Oh, you mean, because fighting is useless as we do not have any rights anymore protecting our privacy? Right, I will be waiting for the Cybercrime Gestapo at my door, wait - someone's already
-
Re:Well done, the OpenBSD team.
And another one from December.
-
Re:Well done, the OpenBSD team.
Other than kernel 2.0.x (10+ years ago), has Linux ever had a kernel bug that was exploitable remotely?
A quick search turns up this from just last May:
http://www.frsirt.com/english/advisories/2006/1916 -
September 13, not September 15
Since this was dated September 17, make that four days ago, not two.
Check the date on the xsec.org page referred to, daxctle2.c. milw0rm 2358 was a re-publication of this, also posted up on 09/13/2006. Republication happened at other exploit advisory sites as well, such as the SecuriTeam(TM) site, where, for some strange reason, the exploit was published twice, redundantly.
The formal vulnerability advisories SA21910 and FrSIRT/ADV-2006-3593, from Secunia and FrSIRT respectively, posted on 09/14/2006, confirmed and extended this, since both groups developed internal versions of daxctle2.c which were reliably effective in compromising fully patched instances of IE6.0 on WXPSP2.
However, both these advisories made it clear that the root cause flaw was in the ActiveX component that was so successfully and famously attacked by HD Moore in July.
Friday's MS advisory, Microsoft Security Advisory (925444), both clarified matters and proposed two workarounds that might be of more use than shutting down ActiveX or fervent prayer, namely:
- Disable just the DirectAnimation Path ActiveX Control in the Registry, or
- Modify the ACL of the actual file Daxctle.ocx to be more restrictive.
-
Re:What? Another one?
qmail has vulnerabilities. DJB just refuses to acknowledge them.
http://www.jcb-sc.com/qmail/guninski.html
http://secunia.com/advisories/10649/
http://secunia.com/advisories/15533/
http://www.frsirt.com/english/advisories/2005/0490
http://www.frsirt.com/english/product/3207
http://www.saintcorporation.com/cgi-bin/demo_full_tut.pl?tutorial_name=Qmail_vulnerabilities.html&fact_color=doc&tag= -
No link to actual advisory in summary or article
I believe this is the actual advisory:
http://www.frsirt.com/english/advisories/2006/1049
A critical vulnerability has been identified in Sendmail, which could be exploited by remote attackers or network worms to take complete control of an affected system. This flaw is due to errors in the "setjmp()", "longjmp()" and "sm_syslog()" functions that do not properly handle certain asynchronous signals, which could be exploited by remote unauthenticated attackers to execute arbitrary commands by sending specially crafted requests to the SMTP port.
-
Re:Not Previously Unknown
MS has released a patch for it...
so that explains why fully patched systems are still vulnerable, yes?
I guess you are really not doing your research. Read the Sunbelt article:
http://sunbeltblog.blogspot.com/2005/12/new-exploit-blows-by-fully-patched.html
particular where it says: "We saw a new nasty exploit yesterday around 5:00 PM. This is a totally new exploit and is not the same one posted by FrSIRT back on 11/30/05."
The previous one they referred to is here:
http://www.frsirt.com/exploits/20051130.MS05-053.c.php
Microsoft Windows Metafile (WMF) "mtNoObjects" Header Remote Exploit (MS05-053)
Date : 30/11/2005
Advisory ID : FrSIRT/ADV-2005-2348
Rated as : Critical
Note : Proof of concept exploit (DoS)
/*
 * Author: Winny Thomas
 * Pune, INDIA
 *
 * The crafted metafile (WMF) from this code when viewed in explorer crashes it.
 * The issue is seen when the field 'mtNoObjects' in the Metafile header is set to 0x0000.
 * The code was tested on Windows 2000 server SP4. The issue does not occur with the
 * hotfix for GDI (MS05-053) installed.
This is the one that has been patched by Microsoft.
I guess you thought it's just not possible for there to be more than one hole per rendering engine, right?
-
Re:Counterexample
Here are two examples
http://www.frsirt.com/exploits/20050207.ex_perl.c.php -
You mean....
... this one? http://www.frsirt.com/exploits/20051121.IEWindow0day.php
Nice to see Slashdot on the ball. I was reading this yesterday, not last week! -
Proof Of Concept Code
-
Re:Package management
There were several root exploits as late as 2.6.10. That is a hell of a lot of vulnerable kernels out there. And as soon as another one is found, it starts all over again.
Bluetooth socket exploit
LSM exploit
uselib() exploit
stack growth exploit -
Has anyone noticed new flaws?
On the same day several flaws were reported, classified as Moderate Risk: http://www.frsirt.com/english/advisories/2005/1789
'These could be exploited by attackers to bypass certain security restrictions or conduct spoofing and cross site scripting attacks.' 'An unspecified drag-and-drop error allowing unintentional file uploads.' How many security issues like this will we see in the future? Bad boys are interested in Opera too. -
about:config workaround works in Netscape too
This about:config method works in the newest Netscape 8.0.3.3 http://www.frsirt.com/english/advisories/2005/1691 too. -
Mozilla Suite and Netscape advisories released
There is a separate advisory from FrSIRT with their severity level at http://www.frsirt.com/english/advisories/2005/1690 where they list Mozilla Firefox version 1.0.6 and prior, Mozilla Firefox version 1.5 Beta 1 and prior and Mozilla Suite version 1.7.1.1 and prior. Netscape 8, based on the Firefox codebase, is not immune: http://www.frsirt.com/english/advisories/2005/1691 -
That's completely false.
http://www.frsirt.com/english/advisories/2005/1690
Affected Products:
Mozilla Firefox version 1.0.6 and prior
Mozilla Firefox version 1.5 Beta 1 and prior
Mozilla Suite version 1.7.11 and prior -
And HERE it is....
Why should the bad guys be the only ones with it?
-
It's easy to get tools for that
Some googling shows:
http://www.frsirt.com/exploits/08202004.brutessh2.c.php
Still requires some additional effort, in getting a password database, and some additional functionality, but it seems to be easier than I thought.
I wonder where all those attacks are coming from. Somebody probably must be fairly sure he doesn't get prosecuted. -
KRB5 vulnerability too
http://www.frsirt.com/english/advisories/2005/1066
FrSIRT Advisory : FrSIRT/ADV-2005-1066
CVE Reference : CAN-2005-1174 - CAN-2005-1175 - CAN-2005-1689
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-07-12
* Technical Description *
Multiple vulnerabilities were identified in MIT Kerberos, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service.
The first issue occurs in the MIT krb5 Key Distribution Center (KDC) implementation when processing specially crafted TCP/UDP requests, which could be exploited by an unauthenticated attacker to cause a denial of service or execute arbitrary code on the KDC host.
The second vulnerability is due to a double-free error in the "krb5_recvauth()" function, which could be exploited by an unauthenticated remote attacker to execute arbitrary code in the context of a program calling the vulnerable function (this includes the kpropd program which typically runs on slave Key Distribution Center hosts).
* Affected Products *
MIT Kerberos 5 version 1.4.1 (krb5-1.4.1) and prior
* Solution *
Upgrade to krb5-1.4.2 release :
http://web.mit.edu/kerberos/dist/index.html
Or apply patches :
http://web.mit.edu/kerberos/advisories/2005-002-patch_1.4.1.txt
http://web.mit.edu/kerberos/advisories/2005-003-patch_1.4.1.txt
* References *
http://www.frsirt.com/english/advisories/2005/1066
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt
* Credits *
Vulnerabilities reported by Daniel Wachdorf and Magnus Hagander -
Who needs price comparison sites?
1. Send zillions of emails containing enticing links.
2. Watch as zillions of sheeple open said links with Internet Exploder.
3. Ensure your site is equipped with the IE exploit du jour.
4. Install keylogger, steal identity.
5. ??? [obligatory, but unnecessary - why not spend this time in Zen-like meditation contemplating the nature of suffering?]
6. Open anonymous delivery address using stolen identity.
7. Visit any shopping site via r00ted Windows box and stolen credit card number.
8. Profit!
More seriously, why not go and tell the Internet Exploder people to get their house in order. If enough people complain then maybe they'll actually release a patch. Remember, they haven't released a patch for these vulnerabilities for NINETY-SEVEN DAYS. -
You might want to upgrade that box
...and this only came out a couple days ago:
http://www.frsirt.com/english/advisories/2005/0525 -
Re:If security matters, don't do crypto in Linux
Not everyone has the same cash and technical staff as a banking institution. Should we all just give up crypto? Maybe we should just give up on Linux, since it's already had too many kernel exploits for one year this year.
http://www.frsirt.com/exploits/
05.17.2005 : Linux Kernel 2.6.x "ioctl_by_bdev()" Local Denial of Service Exploit
05.11.2005 : Linux Kernel "binfmt_elf" Core Dump Local Buffer Overflow Exploit
04.09.2005 : Linux kernel 2.4/2.6 Bluetooth Socket Creation Local Root Exploit
04.04.2005 : Linux Kernel "AIO" Local Denial of Service Exploit (PPC64 and IA64 Arch.)
03.30.2005 : Linux Kernel 2.6.x Local Denial of Service Proof of Concept Exploit
03.22.2005 : Linux Kernel 2.6.11 "sys_epoll_wait" Local integer overflow Exploit
03.22.2005 : Linux Kernel 2.4.x / 2.6.x uselib() Local Privilege Escalation Exploit
01.17.2005 : Linux kernel i386 SMP race condition Local Root Exploit
01.13.2005 : Linux kernel i386 SMP race condition Proof of Concept Exploit
On the same page, you look for BSD systems (Free/Open/Net/Dragonfly) and see how many kernel exploits you find this beginning of the year.
Ooops. I guess we're going to have to trust the FreeBSD guy on this one. -
Re:FrSIRT's Post!
This company is just nothing.
From their contact page [in french] http://www.frsirt.com/contact.php they tell they are FrSIRT / A.D.CONSULTING
And from a good company registry website http://www.societe.com/cgi-bin/recherche?rncs=478502123
you get this: [in French too, sorry]
AD CONSULTING
RCS Montpellier B 478 502 123
Trade name: K-OTIK SECURITY
Legal information
Registered office: 1B Boulevard Berthelot
34000 MONTPELLIER
SIRET 47850212300019
Legal form: Limited liability company (Société à responsabilité limitée)
Share capital: 10.000,00 EURO
Activity code: 721Z - IT systems consulting
Registration: 08-09-2004
Nationality: France
Director(s): Managing partner Mr. BEKRAR Chaouki
Legal filing: 08-09-2004 Company formation
It's the same address, so FrSIRT, AD consulting and K-otik security are just one company. It seems to have been created in September 2004 with 10k euros.
The guy took 8 month to steal someone's security report and post it to get publicity.
Good job! Now get ready for the stock options -
This isn't much of an "exploit"
The actual advisory page is here. The "Solutions" section says this:
Disable JavaScript, or disable the "Allow web sites to install software" option [Tools - Options - Web Features].
Why would anyone routinely run with "Allow web sites to install software" enabled?
-
Firefox also boasts remote code execution.
I haven't confirmed it myself, but this report says that firefox V1.03 is vulnerable to remote arbit. code execution.
-
Re:Time Machine
It was the exposure of the NT security model to the masses and 600 million end users which highlighted its blind spots and weaknesses. Given the number of vulnerabilities reported in Linux/various Unix'es on a daily basis, I doubt its so-called 'model' would do much better.
Mozilla Suite and Firefox "favicons" LINK Code Execution Exploit
Linux kernel 2.4/2.6 Bluetooth Socket Creation Local Root Exploit
-
speaking of suid vulnerabilities
Speaking of suid vulnerabilities, http://www.frsirt.com/exploits/20050123.fm-iSink.c.php is an exploit of the mrouter hole (an overflowable suid app in iSync) which allows local root access. Exploited in January, still unfixed in April.
Severity of course depends on how your system is used. -
Well, it would be nice if Apple fixed...
...this before allowing their vendors to add more crappy conduits and then taking forever to fix their old root exploitable ones.