SecurityAffected Product: Mac OS X 10.3 Build 7B85
Severity: Low
Impact: Security Bypass
Where: Local System
Author: CodeSamurai (codesamurai@mac.com)
VULNERABILITY
With access to the keyboard, an unauthorized user can access the currently active screen-locked user environment. However, there is only a relatively small opening in the period of time in which the keys events get through; completing complicated operations at the keyboard have shown to be highly tedious in actual practice thus far.
EXPLOIT
With the screen effect active, keys pressed before the authentication window appears will be sent to the general user environment.
PRACTICAL TESTS
Tested Examples:
An open word …
October 4, 2003 •
2 min read
SecuritySAINT, or Security Administrator’s Integrated Network Tool, is a vulnerability scanner that allows network administrators to scan their local area networks for security flaws. SAINT can then prepare reports detailing the extent and seriousness of these weaknesses, as well as providing links to fixes and recommended security procedures. While SAINT was originally developed for UNIX based systems, it has recently been ported to Mac OS X.
Installation
Installation of SAINT may be a rough task to those not familiar with UNIX. Users are expected to know how to use the terminal to …
September 2, 2003 •
3 min read
SecuritySecurity Issue: Mac OS X Screensaver Password Protection Bug
Systems Vulnerable: Mac OS X 10.2.6 and prior
Date Fixed: TBA
Apple’s Mac OS X screensaver apparently contains a buffer overflow vulnerability that causes the screensaver to dump not requiring the user to enter a legitimate username and password.
When enabling the password protection on the Mac OS X screensaver users are required to authenticate before leaving the screensaver to gain access to the desktop again. Delfim Machado notified Apple that he had learned of a bug that caused the screensaver to exit without properly …
July 7, 2003 •
1 min read
SecurityComputers running Mac OS X prior to 10.2.4 and unpatched contain a vulnerability that can be exploited to create files that can be run at elevated privileges because of the TruBlueEnvironment. Included is the security advisory covering the issue discovered by @Stake’s Dave.
For those unable to update they can change the permissions of the vulnerable files to the admin group.
sudo chown .admin /System/Library/CoreServices/Classic\ Startup.app/Contents/Resources/TruBlueEnvironment
sudo chmod 4750 /System/Library/CoreServices/Classic\ Startup.app/Contents/Resources/TruBlueEnvironment
Security Advisory
Advisory Name: TruBlueEnvironment Privilege Escalation Attack
Release Date: 02/14/2003
Application: TruBlueEnvironment
Platform: MacOS X (10.2.3 and below)
Severity: Local users can gain root privileges
Author: Dave G.
Vendor …
February 11, 2003 •
3 min read
SecurityInformation
LittleSecrets for Mac OS X gives the Macintosh users the ability to store notes in an encrypted format that can only be accessed with the password assigned to the file. Upon launching the encrypted file the user is instructed to enter the password, only upon proper authentication is access granted to the file.
Think of LittleSecret as a note management system that allows for you to sort and create new notes all manageable from the programs interface. The user is allowed to create folders and sub-folders to sort the information even …
January 10, 2003 •
2 min read
SecurityInformation
Tresor is a file encryption tool for the Macintosh. It is simple to use, fast, and offers very high cryptographic security. It is available in native versions for 68k Macs and PowerMacs as well as in a FAT version and requires MacOS 7.0 minimum. Tresor is shareware. The registration fee is 20 Euro.
Tresor encrypts any file using the IDEA block encryption algorithm. Encryption uses self-selected passwords. For decryption, the same password that was used for encryption will be needed again.
IDEA (International Data Encryption Algorithm) uses data blocks of 64 bits …
December 8, 2002 •
2 min read
SecurityKeys Off is now at version 1.3.2, now fully compatible with MacOS 9 and includes version 1.5 of the BlackWatch screen saver.
Information
Blue Globe Software has been producing high quality shareware since 1991, and they expect to continue this trend for a long time to come. They have updated and patched previous versions of Keys Off to keep it up to date. Their Software has many features you can not find anywhere else for a very low price.
DOWNLOAD Shareware Version
You can use Keys Off by Shareware, to download version 1.3.2 click …
November 11, 2002 •
3 min read
SecurityResolution
The issue described below was addressed and take resolved by Apple July 12th 2002 by adding checksums to downloads. Update to current version of Mac OS X via the software updates or visit AppleCare Document 75304
Information
Anonymous writes “I have recently been forwarded a mail from a reliable source which highlights a possible security issue with Software Update. I have not tested it myself, but both the source of the mail and the person who forwarded it are reliable and have always helped me to keep up to date with a …
July 6, 2002 •
2 min read
SecurityMAC OS X Security to the general Macintosh user has never been much of an issue. Turn it on, use it, turn it off when you’re done. And even if you’ve got a DSL or other dedicated line, warnings related to hack attempts on open and dedicated networks lines never seemed to instill fear in a Mac user. Sure there are products like Norton Personal Firewall or NetBarrier 2.0, but these are for professionals right? Well, not really. But the truth is, for the general Macintosh user, the chances of …
June 5, 2002 •
7 min read
SecurityAbout Cisco VPN Client
The Cisco VPN (Virtual Private Network) Client establishes an encrypted tunnel between a local system and a Cisco VPN Concentrator. The tunnel provides confidentiality and integrity for the data in transit, allowing a user on the local system to securely connect to a corporate network via a public, possibly untrusted network.
Information
Cisco’s VPN Client for Mac OS X, Linux and Solaris contains a security vulnerability which results in administrative privileges via a exploit. The Virtual Private Network (VPN) client allows for the Non-Windows platform to function over a …
June 4, 2002 •
4 min read
SecurityThis is one section of an overall document. The overall publication covers the setup of a Mac OS X Server. This part is being made public to help others secure their machines.
This document outlines some security measures for the Mac OS X Server 1.0 – 1.2 platform. While Mac OS X Server (OSXS) is a fairly secure environment out of the box, these basic measures help create a more secure computing environment. They should be taken by all personnel running a Mac OSXS on the WSU campus network.
The measures outlined …
June 2, 2002 •
11 min read
SecurityInformation
BugScan is a Macintosh Virus File Scanner which allows users to determine if they have AutoStart 9805 Worm and SevenDust virus files on their hard drives. BugScan will detect all files for all strains of the AutoStart 9805 Worm plus all strains of the SevenDust virus current at 06/14/99, a number of Trojan Horse files that are currently circulating in the Mac world as well as some of the most recent virus files common to the Windows platform.
Views
Nifty program to keep around. MacAddict, MacWorld, and MacPool gave them the vote.
June 1, 2002 •
1 min read
SecurityPublished: 5.07.2002
Fixed: Mac OS X 10.1.4
Effected OS:
Mac OS X 10.1.3 and prior)
Information
The problems lies within the file /usr/sbin/sliplogin (sliplogin) bundled with versions of Mac OS X prior to 10.1.4 due to the permissions defined and a buffer overflow. The system can be taken control of if a non-administrative user were to overflow the program giving them permissions as a root user. This issue has been taken care of in 10.1.4 system security update, if you have not yet updated do so now.
A unix styled exploit for the Macintosh! This is …
May 7, 2002 •
2 min read
SecurityToday it was discovered in Mac OS X 10.1.4 (Not tested with prior versions yet) with multiple users
I have stumbled across a rather large security hole when AppleSharing between a Mac OS 9.2.2 box and a Mac OS X box running v.10.1.4.
If a Mac OS X 10.1.4 box contains multiple user or administrator accounts, their home directories as well as access to some shared folders with permissions for only one specific account can be broken into via AppleShare.
The trick is simple. This can be done on any administrator account on …
May 4, 2002 •
2 min read
SecurityInformation
SubRosa Vol 1-File Utilities is SubRosaSoft.com Ltd’s first line of privacy products which help Macintosh users secure themselves and their personal data. The suite of software to protect your files consist of the following; file and folder encryption, multi-pass shredder, and free decryptor. Each one of these programs make it easy enough for any Mac user to enforse digital security on the personal data that is stored on the computer.
SubRosa Encryptor
The SubRosa Encryptor allows you to take files or folders and convert them into a encrypted archive that you can …
May 1, 2002 •
4 min read
SecurityFixes
To fix Internet Explorer:
This is done by updating through the Software Update Pane/Control Panel.
Patch Microsoft Office Products: Patch is Here
More Information:Security Alert
Vulnerability: Run code attacker wants.
Severity Level: Microsoft suggests Critical
Affected Software:
Microsoft Internet Explorer 5.1 for Macintosh OS X
Microsoft Internet Explorer 5.1 for Macintosh OS 8 & 9
Microsoft Outlook Express 5.0.-5.0.3 for Macintosh
Microsoft Entourage v. X for Macintosh
Microsoft Entourage 2001 for Macintosh
Microsoft PowerPoint v. X for Macintosh
Microsoft PowerPoint 2001 for Macintosh
Microsoft PowerPoint 98 for Macintosh
Microsoft Excel v. X for Macintosh
Microsoft Excel …
April 9, 2002 •
4 min read
SecurityMac OS X is UNIX at the core this is very true as described in Apple’s print advertisement, besides sending all others to /dev/null this OS is also open to all the security issues behind the UNIX environment.
Many features that are offered in the UNIX enviornment can lead to security concerns. They’re not to be considered bugs or exploits, just features. Recently Max Grosse shared with SecureMac.com how a feature in sudo could be used to the advantage of hackers to create backdoors or execute malicius code.
The code Max created …
April 6, 2002 •
6 min read
SecurityMacs are Vulnerable, too
Due to the potential vulnerabilities of Mac OS X, Macintosh computer systems are more susceptible to security breaches and threats than ever before. Many Mac users falsely believe that they are immune to virus and hacker attacks. It’s true that Macs are generally affected less by intrusions than PCs, but that’s only because Macintosh makes up such a small percentage of the market. In reality, with the growing number of viruses in existence and the increasing number of hackers on the Internet, there isn’t a computer in …
April 6, 2002 •
5 min read
SecurityThe folks at BSD-H have found a flaw that offers anyone in the admin group the ability to achieve root access via sudo. For those of you new to Mac OS X and the whole Unix environment do not get frustrated, this article will enlighten you about sudo and what steps you need to talk to fix the security issue.
The Flaw
Dubbed ‘RootX’ when this exploit is compiled, the program communicates with a sudo feature to give root to any admin under Mac OS X. Sudo means ‘do this command as …
February 7, 2002 •
4 min read
SecurityStuffing Mac OS and Mac OS X with Nimda Worm
Nimda fills the Macintosh with .eml files if File Sharing is enabled.
Includes Samba.
WW32/Nimda@mm
PE_NIMDA.A
I-Worm.Nimda
W32/Nimda-A
Win32.Nimda.A
W32.Nimda.A@mm, simply known as Nimda is a mass-mailing worm/virus that spread itself via multiple methods. Nimda will send itself out by email and will search for network shares that are open and try to copy itself to vulnerable/unpatched Microsoft IIS web servers and other network connections (Samba/File Sharing).
Nimda is a Windows worm/virus. However, if your Macintosh is connected to the internet or network with File Sharing methods enabled you …
January 5, 2002 •
61 min read