ibneko: (Default)
ibneko ([personal profile] ibneko) wrote2006-02-21 01:42 pm
  • Add Memory
  • Share This Entry
Entry tags:

Regarding the recent MacOS X Exploit

Secunia (security-bug-whatnot site that I follow) has released a Vulnerability test for the Safari command execution exploit.

http://secunia.com/mac_os_x_command_execution_vulnerability_test/

The current available solution:
Solution:
The vulnerability can be mitigated by disabling the "Open safe files after downloading" option in Safari.

--
Or use firefox. Maybe. I dunno. Will test that... maybe much later.
Flat | Top-Level Comments Only

[identity profile] fbartho.livejournal.com 2006-02-21 09:24 pm (UTC)(link)
these are directions on how to make your own exploit for this, so you are certain what's in the files, the link on secunia is just a launch command for calculator.app, and on another link in slashdot for Heiser-something was just a jpg that did ls -al and echo "some german message"

http://apple.slashdot.org/comments.pl?sid=178068&cid=14767986
Flat | Top-Level Comments Only