exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

macosx-fwissues.txt

macosx-fwissues.txt
Posted Oct 31, 2007
Authored by Juergen Schmidt | Site heise-security.co.uk

It appears that the firewall on the new Mac OS X Leopard system is a bit botched.

tags | advisory
systems | apple, osx
SHA-256 | efa50c2ac1cc5fbec32db0b5e76f7437fc458042c3a85e3b25136a6246f482e1

macosx-fwissues.txt

Change Mirror Download
Hello,

we did some functional testing on the firewall of Mac OS X Leopard.
Short summary:

- the firewall is not activated by default but there are services running
even if you don't activate any sharing (as shown by netstat or lsof)

- if you set it to "Block all incoming connections" it still allows access
to certain system services. We could access the ntp daemon that is running
per default over the internet. In a LAN based scenario, we were able to
query the Netbios naming service even with full blocking enabled.

- if you set it to "Set access to specific services and programs" the
firewall permits access to listening processes startet by the user,
regardless if they are in the list of shared services. We were able to
access a service like "nc -l 1414" over the internet.


ntpd is labeled 4.2.2, the latest version is 4.2.4. It is unknown if any
of the bugs fixed in the meantime are relevant in this scenario or if
fixes have been backported.

The same applies to the Samba package (3.0.25b-apple), of which releases
3.0.25c and 3.0.26a contained numerous bug fixes.


For more information see:

A second look at the Mac OS X Leopard firewall
https://www.heise-security.co.uk/articles/98120


bye, ju

--
Juergen Schmidt, editor-in-chief heise Security www.heise-security.co.uk
GPG-Key: 0x38EA4970, 5D7B 476D 84D5 94FF E7C5 67BE F895 0A18 38EA 4970
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close