Remote Denial of Service For OS X (Leopard)

Given the large amount of “feedback” I receive from many venues on why I’m crazy for suggesting that OS X users employ some type of client-side security software, I wanted to point out a very recent exploit that I saw over at Joel Esler’s blog. The vulnerability is in the IPv6 networking layer of the underlying BSD operating system. Here’s the code:

ORIGINAL
md = m_pulldown(m, off, sizeof(*ipcomp), NULL);
if (!m) {

WHAT IT SHOULD HAVE BEEN
md = m_pulldown(m, off, sizeof(*ipcomp), NULL);
if (!md) {

A one-character difference in source code in an open source component trickled its way up to our shiny new operating system.
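To see why that one character matters, here is a small user-space model of the check, added as an illustration and not taken from the kernel source. The `pkt` and `ipcomp_hdr` types, `pulldown()` and `parse_ipcomp()` are hypothetical stand-ins; the only assumption about the real API is that `m_pulldown` returns NULL when it cannot supply the requested bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified user-space stand-ins for the kernel types (hypothetical). */
struct pkt { const uint8_t *data; size_t len; };
struct ipcomp_hdr { uint8_t next; uint8_t flags; uint16_t cpi; };

enum { PARSE_OK = 0, PARSE_DROPPED = -1, PARSE_NULL_DEREF = -2 };

/* Model of m_pulldown(): returns a view of len bytes at off, or NULL when
 * the packet is too short to contain them. */
static const uint8_t *pulldown(const struct pkt *m, size_t off, size_t len)
{
    if (m == NULL || off > m->len || len > m->len - off)
        return NULL;
    return m->data + off;
}

/* check_result = 0 reproduces the flawed test on the input pointer (!m);
 * check_result = 1 is the corrected test on the returned pointer (!md). */
static int parse_ipcomp(const struct pkt *m, size_t off, int check_result,
                        struct ipcomp_hdr *out)
{
    const uint8_t *md = pulldown(m, off, sizeof(*out));

    if (check_result ? !md : !m)
        return PARSE_DROPPED;       /* failure noticed, packet discarded */
    if (!md)
        return PARSE_NULL_DEREF;    /* kernel code would read through NULL here */
    memcpy(out, md, sizeof(*out));
    return PARSE_OK;
}

int main(void)
{
    /* Constructed sample: only 1 byte is left where a 4-byte header is expected. */
    static const uint8_t bytes[8] = { 0, 0, 0, 0, 6, 0, 0, 1 };
    struct pkt truncated = { bytes, 5 };
    struct ipcomp_hdr h;

    printf("!m  check: %d\n", parse_ipcomp(&truncated, 4, 0, &h));
    printf("!md check: %d\n", parse_ipcomp(&truncated, 4, 1, &h));
    return 0;
}
```

With the `!m` test the failed pulldown goes unnoticed because the input pointer is still non-NULL, so the code carries on with a NULL `md`; in the kernel that means a panic instead of a dropped packet.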

Anti-virus software won’t help you on this one (and I’m sure someone will point that out and continue to defend the lack of need for client security), but it provides a clear example of how coding errors in the operating system can – and will – be exploited, which is a strong enough reason to put up defenses in other areas. Again, it’s completely based on your risk appetite and there is a contingent of OS X users that swear by the notion of not investing in security until there is overt reason to. This example should prod some of those folks to start thinking more about how vulnerable their invulnerable systems really are.

The problem exists only in the IPv6 networking layer, and – since most folks do not need IPv6 enabled – you can disable IPv6 in each of the network interfaces in your Network System Preferences to give yourself a bit of protection. Here’s an example of that via the Airport configuration panel:

Disable IPv6 in Airport configuration

Apple should be fixing this in the next security update.

More info on the exploit: Secunia, InformationWeek, digit labs
