Security flaws make Macs vulnerable to attacks
Security research firm @stake is warning Macintosh users about three security problems with the Mac OS X 10.2.8 and previous versions. It ranks two of the flaws as high.
The first advisory, "Long argv Buffer Overflow," warns that an attacker could possibly crash Mac OS X and execute commands as root.
The Systemic Insecure File Permissions advisory states some applications on the vulnerable Mac OS X systems are installed with insecure file permissions and are globally writable. This lets attackers with file-system access to an OS X machine replace binaries and obtain additional privileges from unsuspecting users, who may run the replaced version of the binary.
[ Read more ]