Exploit world!
Macintosh section
Overflows in various Macintosh mail clients. | |
---|---|
Description: | Standard overflows. |
Author: | Chris Wedgwood <chris@CYBERNET.CO.NZ> |
Compromise: | DoS attack at least; there is at least a possibility of remote code execution (I've never seen this done on a Mac, though). |
Vulnerable Systems: | Macintosh boxes running Stalker Internet Mail Server V.1.6 or AppleShare IP Mail Server 5.0.3 SMTP Server |
Date: | 8 April 1998 |
Exploit & full info: | Available here |
ICQ Spoofer | |
---|---|
Description: | The ICQ protocol is poorly designed and leads to a number of problems. Included in this message is an ICQ spoofer in C, a Perl version, and an ICQ flooder. A sniffer is also included. |
Author: | Seth McGann <smm@WPI.EDU> and others |
Compromise: | Harass ICQ users to no end :). |
Vulnerable Systems: | People running ICQ, mostly Windows users. There is probably a Mac client too. |
Date: | 6 April 1998 |
Notes: | All the code is somewhat jumbled together -- I'm sure you can figure it out. |
Exploit & full info: | Available here |
Mac TCP stack SYN problem | |
---|---|
Description: | Apparently some Macintoshes crash from a high rate of TCP SYN packets (i.e., through a portscan). |
Author: | nomad@APOLLO.TOMCO.NET |
Compromise: | Crash a Mac. |
Vulnerable Systems: | Mac TCP system 7.1 and 7.8 |
Date: | 31 August 1997 |
Notes: | According to Jake Luck, this problem was solved with OpenTransport 1.2. |
Exploit & full info: | Available here |
Netscape gives away user's files! | |
---|---|
Description: | A hole in the handling of the INPUT TYPE="FILE" tag allows a malicious website operator to download your files (if the filename is known). This apparently works on all platforms, and with Netscape up to Netscape Communicator. |
Author: | "Paul T. Kooros" <kooros@TITAN.SRRB.NOAA.GOV> |
Compromise: | Steal people's shit! |
Vulnerable Systems: | Clients running Netscape Communicator 4.0 and earlier, as well as Netscape Navigator 3.* and probably earlier. This includes the Windoze, Macintosh, and UNIX platforms. |
Date: | 16 June 1997 |
Notes: | This is a great advisory! Show your thanks by buying his JavaScript book! I would if JavaScript wasn't such a lame language ;). |
Exploit & full info: | Available here |
Macintosh At Ease Apple Share automated login "feature" | |
---|---|
Description: | By default, At Ease will automate the login process to AppleShare servers, and store the login and password in clear text in the At Ease Preference file. You can usually read this file trivially by exploiting applications (like Netscape file:// URLs). |
Author: | Paul Melson <melson@SCNC.HOLT.K12.MI.US> |
Compromise: | Unauthorised access to an AppleShare fileserver. |
Vulnerable Systems: | Macintoshes, running At Ease and using the Auto Login "feature". |
Date: | 21 May 1997 |
Exploit & full info: | Available here |
Ping of Death | |
---|---|
Description: | Gazillions of machines can be crashed by sending IP packets that exceed the maximum legal length (65535 octets). |
Author: | The page included was created by Malachi Kenney. The programs have attribution. |
Compromise: | Stupid DoS |
Vulnerable Systems: | I have heard that NT and 95 can actually lock up hard from the programs below. Also, early 2.0.x Linux, Solaris x86, and Macintosh systems are often vulnerable. |
Date: | 21 October 1996 was when this page came up. |
Notes: | The Ping O' Death page is included first, then comes BSD source code, then comes a version of the above which is modified to compile on Linux 2.X. I also appended jolt.c, which IP spoofs too. Woop! |
Exploit & full info: | Available here |
This page Copyright © Fyodor 1996, 1997, 1998