AFP remote root

Posted:
in macOS edited January 2014
This was touched on in two threads about that FUDdy security article, but I think it deserves a thread of its own. Here is the first identified, genuine remote root exploit in OS X. And despite protestations on /. about the service being off by default, lots of Mac users use Apple File Sharing. Sounds like, theoretically, this is the first exploit that could enable a Sasser-esque worm to be written for OS X. A few thoughts:



1. Software Update your Mac!

2. Will someone write an OS X worm, just to prove it can be done? Surely there would be hacker notoriety for being the first-ever OS X worm writer. What would be the reaction of the press and general public to such an event?

3. Interesting that it was found in Apple File Sharing, one of the few core technologies in OS X without open source roots. Will the time come when Apple drops AFS/AFP in favor of a GUI wrapper around sftp?

4. Apple had the patch out within 5 weeks of being notified of the vulnerability. Good enough? Too slow?

Comments

  • Reply 1 of 2
    mr. memr. me Posts: 3,219member
    Quote:

    Originally posted by Towel

    This was touched on in two threads about that FUDdy security article, but I think it deserves a thread of its own. Here is the first identified, genuine remote root exploit in OS X. And despite protestations on /. about the service being off by default, lots of Mac users use Apple File Sharing. Sounds like, theoretically, this is the first exploit that could enable a Sasser-esque worm to be written for OS X. A few thoughts:



    1. Software Update your Mac!

    2. Will someone write an OS X worm, just to prove it can be done? Surely there would be hacker notoriety for being the first-ever OS X worm writer. What would be the reaction of the press and general public to such an event?

    3. Interesting that it was found in Apple File Sharing, one of the few core technologies in OS X without open source roots. Will the time come when Apple drops AFS/AFP in favor of a GUI wrapper around sftp?

    4. Apple had the patch out within 5 weeks of being notified of the vulnerability. Good enough? Too slow?




    This problem was fixed last week. OK? My computer has been patched. Most other MacOS X 10.3 and 10.2.8 computers have this patch applied already. You can't propagate a virus in a population that has been innoculated.
  • Reply 2 of 2
    othelloothello Posts: 1,053member
    its about time apple embraced sftp anyway. like in the finder for accessing remote servers.



    moan, moan, whine.
Sign In or Register to comment.