Re: MacOS X SoftwareUpdate Vulnerability

From: gabriel rosenkoetter (grat_private)
Date: Fri Jul 12 2002 - 06:14:49 PDT

Next message: Matthew Murphy: "Three BadBlue Vulnerabilities"

Previous message: JWC@portcullis-security.com: "Portcullis Security Advisory - IIS Microsoft SMTP Service Encapsu lated SMTP Address Vulnerability"
In reply to: Corey J. Steele: "Re: MacOS X SoftwareUpdate Vulnerability"
Next in thread: jaehnelat_private: "RE: MacOS X SoftwareUpdate Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 11, 2002 at 09:31:27AM -0500, Corey J. Steele wrote:
> What about modifying the search order of `lookupd` and telling it to use
> /etc/hosts and then using an entry in /etc/hosts to statically identify
> swquery.apple.com?  Might be a viable work-around?

Then I arp flood your router and spoof the IP address.

Updates must at least be checksummed and really ought to be
cryptographically signed. Period.

-- 
gabriel rosenkoetter
grat_private

application/pgp-signature attachment: stored

Next message: Matthew Murphy: "Three BadBlue Vulnerabilities"
Previous message: JWC@portcullis-security.com: "Portcullis Security Advisory - IIS Microsoft SMTP Service Encapsu lated SMTP Address Vulnerability"
In reply to: Corey J. Steele: "Re: MacOS X SoftwareUpdate Vulnerability"
Next in thread: jaehnelat_private: "RE: MacOS X SoftwareUpdate Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 12 2002 - 17:55:49 PDT