Re: MacOS X SoftwareUpdate Vulnerability
From: Corey J. Steele (csteele@good-sam.com)
Date: 07/11/02
- Previous message: security@caldera.com: "Security Update: [CSSA-2002-SCO.28] UnixWare 7.1.1 Open UNIX 8.0.0 : rpc.ttdbserverd file creation and deletion vulnerabilities"
- In reply to: Julian Suschlik: "Re: MacOS X SoftwareUpdate Vulnerability"
- Next in thread: gabriel rosenkoetter: "Re: MacOS X SoftwareUpdate Vulnerability"
- Reply: gabriel rosenkoetter: "Re: MacOS X SoftwareUpdate Vulnerability"
From: "Corey J. Steele" <csteele@good-sam.com>
To: Julian Suschlik <julian.suschlik@gmx.net>
Date: 11 Jul 2002 09:31:27 -0500
What about modifying the search order of `lookupd` and telling it to use
/etc/hosts and then using an entry in /etc/hosts to statically identify
swquery.apple.com? Might be a viable work-around?
-C
On Mon, 2002-07-08 at 09:42, Julian Suschlik wrote:
> Hi,
>
> On Sunday, 7 July 2002, at 06:21, Russell Harding wrote:
>
> > ----------------------------------------------------------------------------
> > MacOS X SoftwareUpdate Vulnerability.
> > ----------------------------------------------------------------------------
> >
> > Date: July 6, 2002
> > Version: MacOS 10.1.X and possibly 10.0.X
> > Problem: MacOS X SoftwareUpdate connects to the SoftwareUpdate Server via
> > HTTP with no authentication, leaving it vulnerable to attack.
> [...]
> > Solution/Patch/Workaround:
> [...]
>
> A possible workaround:
>
> System Preferences -> Software Update -> Update Software: [x] Manually
> Don't touch the "Update Now"-Button!
>
> Look for updates on http://www.info.apple.com/support/downloads.html
> Use trusted networks or http-to-mail gateway to get the files.
>
> HTH,
>
> Julian
>
--
Corey J. Steele, Information Security Analyst
The Evangelical Lutheran Good Samaritan Society
csteele@good-sam.com | http://www.good-sam.com