NEWSFORUMSOFTWARE TOOLSMERCHANDISEADVERTISECONTACT
mods:ext modsint modslighting modsperipheral modssw modsmisc modstechniques
Check out the mods submitted from this years Mod Challenge!
 
PWN to OWN exploit 1 year old
Written by Chris Tangora   
Tuesday, 22 April 2008
cansecwest.jpgTurns out the exploit used in the CanSecWest PWN to OWN zero day hack contest was known for about a year.  The bug was routed in the version of Perl used by Safari.  Perl had been aware of it for a year, but Apple never kept up to date with the releases or patches, so the exploit stayed open until last week.

Miller (who won the $10,000 & a MacBook Air) said he was not going to return the prize money, as he found it independent of the documented Perl exploit.  This does bring up one of things that I think Apple does a bad job of, keeping up to date with the versions of open-source software that comes standard.  PHP and Perl are just a few that lag behind current standards, and this exploit shows that Apple is not interested (right now) at keeping it's already installed software patched.

From PCWorld.com via Yahoo News




Be first to comment this article

Write Comment

Name:
Comment:

Code:* Code
I wish to be contacted by email regarding additional comments
 
< Prev   Next >
> latest forum topics
> latest forum posts
Copyright © 2002 - Present.  MacMod.com.  All rights reserved.  Privacy Policy.  Terms & Conditions.  Designed & Powered by Ackoo.