Free Republic

Adobe loses security grip and falls to earth
Techworld.com | December 15, 2004 | Techworld staff

Posted on 12/15/2004 7:00:59 AM PST by holymoly

Acrobat and also Ethereal suffer vulnerability alerts.

Adobe has patched two bugs in its ubiquitous Acrobat Reader application that could allow an attacker to take over a user's system via a malicious pdf file attached to an e-mail message. The bugs affect Windows, Mac OS X and Unix.

Separately, developers warned of bugs in Ethereal, a popular network protocol analyser, that could allow an attacker to take over a system.

Security research company iDefense warned of the bug affecting Windows and Mac in an advisory published on the Bugtraq mailing list late on Tuesday. The problem is a format string vulnerability in version 6.0.2 of Adobe Reader, allowing users to craft a special .etd file that could cause an invalid memory access and allow for the execution of malicious code with the privileges of the user. Reader uses .etd files in handling eBooks.

The bug could be exploited by an e-mail containing either a malicious pdf file or a link to such a file, according to iDefense. The company said earlier versions of Reader 6 could be vulnerable, and said the bug is likely to also affect Adobe Acrobat, the application used to create pdf files.

Adobe released a fix in version 6.0.3 of both Acrobat and Acrobat Reader for Windows and Mac OS X. All the updates are available from Adobe's Web site.

iDefense said users could also work around the problem by deleting the file "C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\eBook.api", which makes Reader and Acrobat unable to handle eBooks.

A similar bug affects Unix. A boundary error in the "mailListIsPdf()" function, which checks to see whether a document in an email is a PDF file, unsafely copies user-supplied data into a fixed-size buffer, according to iDefense.

This could allow an attacker to cause a buffer overflow and execute malicious code, the company said. Adobe has fixed the bug in Acrobat Reader version 5.0.9 for Unix, available on its site. iDefense said previous versions of Reader 5 are likely to also be affected. In its advisory, iDefense included a shell script patch users can apply for additional protection.

Ethereal bug

Several bugs were also reported in Ethereal, which claims to be one of the most popular tools for network software and protocol development, troubleshooting and analysis. The bugs can make the application hang, crash or otherwise disrupt a system, and may also allow for malicious code execution, Ethereal's developers said.

"It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file," the project said in a Wednesday advisory.

The bugs affect versions 0.9.0 up to and including 0.10.7, and are fixed in version 0.10.8. Secunia, which publishes an independent security database, said the problems were "highly critical".


TOPICS: News/Current Events
KEYWORDS: acrobat; adobe; adobereader; cybersecurity; flaw; pdf; security
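
The Unix bug described in the article (a PDF check that copies user-supplied data into a fixed-size buffer), illustrated with an added C example; this is not Adobe's or iDefense's code. The function names, the 64-byte buffer and the file-name-based check are assumptions made for illustration. It also shows why a bounded copy that silently truncates is not a sufficient fix: the verdict is then computed on data the user never sent.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 64  /* assumed size; the real buffer size is not on the page */
enum { REJECTED = -1, NOT_PDF = 0, IS_PDF = 1 };

/* Case-insensitive test for a trailing ".pdf". */
static int ends_with_pdf(const char *s) {
    static const char ext[] = ".pdf";
    size_t n = strlen(s);
    if (n < 4) return 0;
    for (size_t i = 0; i < 4; i++)
        if (tolower((unsigned char)s[n - 4 + i]) != ext[i]) return 0;
    return 1;
}

/* The reported pattern: the copy never checks the input length.
   Behaviour is defined only for names shorter than BUF_LEN. */
int check_unbounded(const char *name) {
    char buf[BUF_LEN];
    strcpy(buf, name);
    return ends_with_pdf(buf) ? IS_PDF : NOT_PDF;
}

/* Bounded but truncating: memory-safe, yet the verdict is
   computed on a cut-off copy of the name. */
int check_truncating(const char *name) {
    char buf[BUF_LEN];
    snprintf(buf, sizeof buf, "%s", name);
    return ends_with_pdf(buf) ? IS_PDF : NOT_PDF;
}

/* Hardened: measure first, refuse anything that does not fit, then copy. */
int check_strict(const char *name) {
    char buf[BUF_LEN];
    const char *end = memchr(name, '\0', sizeof buf);
    if (end == NULL) return REJECTED;
    memcpy(buf, name, (size_t)(end - name) + 1);
    return ends_with_pdf(buf) ? IS_PDF : NOT_PDF;
}

/* Constructed sample: 59 filler bytes + ".pdf" + ".txt" (67 characters). */
const char *sample_long_name(void) {
    static char s[80];
    memset(s, 'A', 59);
    strcpy(s + 59, ".pdf.txt");
    return s;
}
```
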
To: Bush2000
Everyone here has witnessed the countless diatribes of Mac and Linux bigots, railing against Windows and/or Microsoft -- pleading with people to 'just switch...' -- while insisting that 'their platform isn't vulnerable to viruses, worms, and malware.'

Post one, please I beg you post up one example (after all they are countless) where someone does not say less vulnerable, but not at all vulnerable.. Stop making stuff up.

41 posted on 12/16/2004 4:01:14 PM PST by N3WBI3
[ Post Reply | Private Reply | To 39 | View Replies]

To: N3WBI3; Izzy Dunne
Here's a perfect example of someone who thinks that the Mac is invulnerable to viruses.
42 posted on 12/16/2004 4:12:36 PM PST by Bush2000
[ Post Reply | Private Reply | To 41 | View Replies]

To: ThinkDifferent
But I wouldn't be surprised if Microsoft at least makes an attempt to do something like this in the near future, given the increasing malware problems.

I'm not really sure it's doable, though, as you describe it. Nor am I sure that something that drastic is really necessary. Security is a process, not a product, and the keys to the process are education for users about safer computing, and tools that effectively promote safer computing.

Perfect example: the Half-Life 2 Steam client. It will not run on user-level accounts or lower on either XP or Win2k. This is because Steam expects to be able to write to HKEY_LOCAL_MACHINE when it installs, and expects to be able to write the Program Files folder when it updates itself or otherwise gets new content. Problem: user-level accounts (including "limited" accounts on XP-Home) do not have write access to Program Files or HKEY_LOCAL_MACHINE. Crappy design from Valve, to be sure, but there are two ways around that - either use "runas" to run that particular software with higher privileges, or you can give explicit write permissions to users for the Steam folder and that registry region (you probably would prefer to rewrite it so that you don't have to have users touching that portion of the registry, actually, but never mind).

But most people don't know how to do either of those things to preserve some security, and even if they did, it's somewhat inconvenient, so they take the easy way out and simply run as administrators. In that case, both the software and the users are lacking - the software is lacking because it has a crappy design that requires the end-user to preserve security via workarounds, and the users are lacking because most of them don't know how to do those workarounds, or even why they should.

Good software design can help protect the system from clueless users, and savvy users can help protect the system from bad software design, but unfortunately, it's all too common to have neither. Instead, you wind up with the worst possible outcome - clueless users operating badly designed software.

43 posted on 12/16/2004 4:21:13 PM PST by general_re ("What's plausible to you is unimportant." - D'man)
[ Post Reply | Private Reply | To 37 | View Replies]

To: N3WBI3
Yet another one.
44 posted on 12/16/2004 4:24:17 PM PST by Bush2000
[ Post Reply | Private Reply | To 41 | View Replies]

To: Bush2000
Tell me exactly which unix virii can take over my G5?

Hmm so where in here is he saying that (A) Unix is invulnerable to attack, (B) OSX is invulnerable to attack, (C) Linux is invulnerable to attack?

Seems to me he is asking which UNIX Virii takes over macs? meaning there are not any out there right now. He did not say that a Mac is invulnerable to attack..

Nice try...

45 posted on 12/16/2004 4:34:09 PM PST by N3WBI3
[ Post Reply | Private Reply | To 44 | View Replies]

To: general_re
What you described happens sometimes on the Mac as well. Instead of an application keeping preferences and other stuff in the ~/Library folder where it should, it tries to write to the /Applications folder it resides in.

I just refuse to use software that does that. I'm sure I won't encounter any problems with a Half-Life II installation on my mac though. LOL! For the same reason no one encountered problems with Half-Life one on their macs.

46 posted on 12/16/2004 5:29:27 PM PST by avg_freeper (Gunga galunga. Gunga, gunga galunga)
[ Post Reply | Private Reply | To 43 | View Replies]

To: Bush2000
Well, while it is certainly possible to have an FTP process dump the contents of ~/. to a remote server, such attacks seem to be fairly rare in practice. No type of attack, be they remote or local, should be shrugged off if one is to be smart about using one's computer. It is a lot harder to infect Unix computers though, as the systems are not generally set up to automatically execute code. Saving an attachment to disk called "runme.exe" isn't enough to make something executable.

In general, the overall security is simply better on Unix systems because there is almost never a need to login as root. That doesn't mean you can be completely complacent, but the target is a lot smaller. I update programs for which there are only local exploits just as religiously as I do those that are susceptible to remote exploits, not because I'm worried about anyone in my household taking advantage of them, but rather because it's just the smart thing to do.

Also, to come back to the point about having an ftp program that will dump your data remotely, there are quite a few tools out there that will alert you to such things. I keep a program open that presents a histogram of CPU usage, cache and internet usage (both incoming and outgoing), so I'd most likely notice if something like that were going on. It's all about awareness IMO. If you are aware of what should be happening, you're far less likely to get bitten by things that shouldn't be.

47 posted on 12/16/2004 9:00:08 PM PST by zeugma (Come to the Dark Side...... We have cookies!)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Bush2000
Here's a perfect example of someone who thinks that the Mac is invulnerable to viruses

Wrong. Thank you for playing.
The point I was making was not that Macs are invulnerable. The point is that they are less vulnerable for MORE reasons than the old "security by obscurity" logic my opponent was using.

But I'll bet you knew that.

48 posted on 12/17/2004 4:00:25 AM PST by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 42 | View Replies]

To: Bush2000
Well I'm still waiting, can you point out a post where someone actually says that OSX or Linux has no bugs and cannot be attacked..

Come on, according to you they are all over the place..

49 posted on 12/17/2004 8:21:40 AM PST by N3WBI3
[ Post Reply | Private Reply | To 44 | View Replies]

To: holymoly

Adobe just released Acrobat Reader 7.0 which addresses the vulnerabilities of the previous version. Everyone is urged to download and install it immediately to take advantage of the security enhancements as well as file reading improvements.


50 posted on 12/22/2004 1:23:37 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)
[ Post Reply | Private Reply | To 1 | View Replies]

