OSX vunerability

Discussion in 'NZ Computing' started by T.N.O., Dec 1, 2003.

  1. T.N.O.

    T.N.O. Guest

    http://www.theregister.co.uk/content/39/34240.html

    "The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation
    and servers. Earlier versions of Mac OS X may also be vulnerable.

    Carrel suggests a number of workarounds including preventing any network
    authorisation services from obtaining settings from DHCP, as explained here.

    A fix from Apple is not expected before next month at the earliest."
     
    T.N.O., Dec 1, 2003
    #1
    1. Advertising

  2. T.N.O.

    Craig Shore Guest

    On Mon, 01 Dec 2003 16:19:45 +1300, "T.N.O." <> wrote:

    >http://www.theregister.co.uk/content/39/34240.html
    >
    >"The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation
    >and servers. Earlier versions of Mac OS X may also be vulnerable.
    >
    >Carrel suggests a number of workarounds including preventing any network
    >authorisation services from obtaining settings from DHCP, as explained here.
    >
    >A fix from Apple is not expected before next month at the earliest."


    From the article on that www site, Posted: 27/11/2003 at 16:22 GMT

    So it's next month already :)
     
    Craig Shore, Dec 1, 2003
    #2
    1. Advertising

  3. T.N.O.

    T.N.O. Guest

    Craig Shore wrote:
    >>http://www.theregister.co.uk/content/39/34240.html
    >>A fix from Apple is not expected before next month at the earliest."


    > From the article on that www site, Posted: 27/11/2003 at 16:22 GMT
    > So it's next month already :)


    heh, I only read it every couple of days... guess I should have checked
    that before posting it, but I hadn't noticed anyone point it out.
     
    T.N.O., Dec 1, 2003
    #3
  4. T.N.O.

    Peter KERR Guest

    > http://www.theregister.co.uk/content/39/34240.html
    >
    > "The vulnerability affects Mac OS X 10.2 and 10.3 on both workstation
    > and servers. Earlier versions of Mac OS X may also be vulnerable.
    >
    > Carrel suggests a number of workarounds including preventing any network
    > authorisation services from obtaining settings from DHCP, as explained here.
    >
    > A fix from Apple is not expected before next month at the earliest."


    Wow, it's next month already ;-)

    http://docs.info.apple.com/article.html?artnum=32478

    Which says effectively if you don't need it, turn it off.
    AFAIK 10.0,1,2 came out of the box with it turned off.
    Is it on as default in 10.3? or is this a case of
    don't turn it on if you don't know what you're doing?

    & while we're at it this one popped up:

    http://www.security-corporation.com/articles-20031124-001.html

    This is a "feature" of Panther 10.3, sudo authentication from
    the Finder. By default all members of the group "admin" gid 80
    are added to /etc/sudoers. If you have "admin" users who you
    wish not (for whatever reason) to sudo, you must edit
    /etc/authorization (and /Library/Preferences/com.apple.desktopservices ?)
    These procedures appear not to be well documented for
    client desktops ...
     
    Peter KERR, Dec 2, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. look^
    Replies:
    1
    Views:
    500
    Moz Champion
    Aug 26, 2004
  2. Daniel J. Stern

    FireFox (OSX): No in-page keyboard navigation?

    Daniel J. Stern, Dec 25, 2004, in forum: Firefox
    Replies:
    1
    Views:
    670
    Moz Champion
    Dec 27, 2004
  3. murman
    Replies:
    1
    Views:
    507
    Moz Champion
    Feb 22, 2005
  4. Jim Watt

    MS jpeg vunerability

    Jim Watt, Sep 20, 2004, in forum: Computer Security
    Replies:
    14
    Views:
    742
    yada yada
    Oct 9, 2004
  5. Skybuck Flying

    Webbrowser vunerability

    Skybuck Flying, Feb 8, 2011, in forum: Windows 64bit
    Replies:
    1
    Views:
    1,042
    joevan
    Feb 9, 2011
Loading...

Share This Page