Re: Apple pentesting

From: Thomas Stromberg (tstrombe_at_indiana.edu)
Date: 04/05/05

Next message: Thomas Hardly: "Re: Apple pentesting"

Previous message: Altheide, Cory B. (IARC): "RE: Apple pentesting"
In reply to: Todd Towles: "RE: Apple pentesting"
Next in thread: Thomas Hardly: "Re: Apple pentesting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 05 Apr 2005 14:51:36 -0500
To: Todd Towles <toddtowles@brookshires.com>

Todd Towles wrote:
> Nessus does work against Macs, the problem with testing Macs is they
> never released vulnerability statements..never. If a hole is found,
> Apple releases a patch and no ones says anything. If Microsoft did
> this..everyone would go crazy.

See http://docs.info.apple.com/article.html?artnum=61798

You will find a list of what components each patch affects, along with
the CVE ID. Heck, they even give credit to the discoverers of each
exploit. While I can't say for sure that they have never snuck patches
in for unrelated issues, I've found it a worthwhile resource.

-- 
//  Thomas Stromberg, 812.855.8450
//  UNIX Coordinator, Chemistry IT Group
//  Indiana University Bloomington

Next message: Thomas Hardly: "Re: Apple pentesting"

Previous message: Altheide, Cory B. (IARC): "RE: Apple pentesting"
In reply to: Todd Towles: "RE: Apple pentesting"
Next in thread: Thomas Hardly: "Re: Apple pentesting"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]