Dan Shoop’s Unofficial Mac OS X Server FAQ has morphed into a WIKI! Much needed I say. Contribute and fill in the blanks.
Category: os x
Apple’s Mac and iP* device operating system
Mac OS X 10.3.7 is now out
The Mac OS X 10.3.7 update is now available.
A few choice resolved issues:
- Resolves an issue in which Safari, Mail, and other networking applications that use DNS lookups could experience intermittent connectivity issues with Security Update 2004-09-30 and Mac OS X 10.3.5 or later installed.
- Filenames longer than 31 characters are no longer shortened when the file is saved on a server via Apple File Sharing.
- Resolves an issue with Mac OS X 10.3.6 in which some FireWire hard drives would not appear (“mount”) on the desktop.
Bad, bad mailserver! (redux 2)
Exploit 3
Well, this whole topic has been beaten to death, so I will attempt to minimize my contribution.
Apple’s Security Update 2004-05-24 eliminates the need for my Help Viewer hack (see below). However it doesn’t close all of the URI scheme holes.
For details on that topic I’ll send you over to John Gruber at Daring Fireball.
Right! Now back to our regular scheduled programming..
Exploit 2:
The Mac net is a buzz with this news: There is a vulnerability in OS X that is potentially dangerous. When given a correctly structured (and possibly malicious) URL, Safari (and other browsers) can respond by asking the Help Viewer application to execute an AppleScript on a volume that is not the startup disk. When coupled with a disk image’s ability to auto mount after download we have a serious opportunity for a security exploit.
This is very reminiscent of the AutoStart worm from 1998 that took advantage of a security hole in QuickTime 2.0 and used to infect Syquest and Zip cartridges.
The first fix I documented just removed the execute privilege from the Help Viewer executable. This fix is a little more elegant and only disables AppleScript in Help Viewer.
Better fix:
cd /System/Library/CoreServices/Help Viewer.app/Contents
sudo cp Info.plist Info.plist.bck
sudo pico -w Info.plist
- Scroll to the bottom of the document and change the
NSAppleScriptEnabled
entry fromtrue
tofalse
There is a benign example of the exploit that you can use to test your systems.
via: macfantic in MacCentral’s comments