Exploit code released for Apple Wi-Fi flaw

Article

Exploit code released for Apple Wi-Fi flaw

Bill Brenner, Senior News Writer

A new hacker project kicked off Wednesday with the release of attack code against a new flaw in Apple Computer Inc.'s wireless software.

The code was provided by H.D. Moore, developer of the popular Metasploit security tool, and released via a blog called The Month of Kernel Bugs. The Month of Kernel Bugs is a spin-off of Moore's Month of Browser Bugs project, in which details of new browser flaws were released each day during the month of July.

In his analysis of the new Apple flaw, Moore said the wireless cards used in PowerBooks and iMacs manufactured between 1999 and 2003 are vulnerable to a remote memory corruption flaw.

"When the driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution," he said. "This vulnerability is triggered when a probe response frame is received that does not contain valid information element (IE) fields after the fixed-length header. The data following the fixed-length header is copied over internal kernel structures, resulting in memory operations being performed on attacker-controlled pointer values."

Apple released a statement Wednesday saying the flaw "affects a small percentage of previous-generation

    Requires Free Membership to View

    Login

    SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.co.uk you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.co.uk is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

AirPort-enabled Macs and does not affect currently shipping or AirPort Extreme-enabled Macs."

The Month of Kernel Bugs kicked off with the Apple flaw to keep the spotlight on wireless threats outlined at the Black Hat conference in Las Vegas three months ago, said the blog's author, a hacker who goes by the name of LMH.

"With all the hype and buzz about the now infamous Apple wireless device driver bugs … hopefully this will bring some light (better said, proof) about the existence of such flaws in the Airport device drivers," LMH wrote.


Back to top