|
Focus on Apple
Re: .dmg file exploit Nov 21 2006 09:08PM mfossi securityfocus com (2 replies) Re: .dmg file exploit Nov 21 2006 09:49PM Roland Dobbins (rdobbins cisco com) (2 replies) Re: .dmg file exploit Nov 22 2006 03:25PM mfossi securityfocus com (1 replies) Re: .dmg file exploit Nov 22 2006 04:04PM Roland Dobbins (rdobbins cisco com) (1 replies) Re: .dmg file exploit Nov 22 2006 06:02PM Martin Roesch (roesch sourcefire com) (3 replies) Re: .dmg file exploit Nov 22 2006 06:40PM Jeramey Valley (ValleyJR mps k12 mi us) (1 replies) Re: .dmg file exploit Nov 22 2006 06:37PM Roland Dobbins (rdobbins cisco com) (1 replies) Re: .dmg file exploit Nov 22 2006 08:29PM Martin Roesch (roesch sourcefire com) (2 replies) |
|
|
Privacy Statement |
>
> At last, someone did the actual research. I'd be stunned if anyone
> managed to get either of these problems to allow execution of
> arbitrary code. Even for the first one, because of the interior
> workings of OS X there's no way to tell where your arbitary code would
> be put in memory, so there's no obvious way to trigger its execution.
> The most I'd expect is panics or obvious memory corruption.
>
Simon... I thought we established several posts ago that you had no
place commenting on how exploitable something is or is not? Seriously
dude... ever hear of gdb? does 'target remote-kdp' mean anything to you?
> For at least one of them, probably both, the only people who can fix
> the problem are Apple, and in both cases the fix is relatively easy.
> I'd expect them to be fixed in 10.4.9.
I expect lots of bugs I submit to them to be patched on my schedule...
the fact of the matter is they will fix it when they feel like it.
-KF
[ reply ]