Exploit code released for Apple Wi-Fi flaw


Exploit code released for Apple Wi-Fi flaw

Bill Brenner, Senior News Writer

A new hacker project kicked off Wednesday with the release of attack code against a new flaw in Apple Computer Inc.'s wireless software.

The code was provided by H.D. Moore, developer of the popular Metasploit security tool, and released via a blog called The Month of Kernel Bugs.

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

The Month of Kernel Bugs is a spin-off of Moore's Month of Browser Bugs project, in which details of new browser flaws were released each day during the month of July.

In his analysis of the new Apple flaw, Moore said the wireless cards used in PowerBooks and iMacs manufactured between 1999 and 2003 are vulnerable to a remote memory corruption flaw.

"When the driver is placed into active scanning mode, a malformed probe response frame can be used to corrupt internal kernel structures, leading to arbitrary code execution," he said. "This vulnerability is triggered when a probe response frame is received that does not contain valid information element (IE) fields after the fixed-length header. The data following the fixed-length header is copied over internal kernel structures, resulting in memory operations being performed on attacker-controlled pointer values."

Apple released a statement Wednesday saying the flaw "affects a small percentage of previous-generation AirPort-enabled Macs and does not affect currently shipping or AirPort Extreme-enabled Macs."

The Month of Kernel Bugs kicked off with the Apple flaw to keep the spotlight on wireless threats outlined at the Black Hat conference in Las Vegas three months ago, said the blog's author, a hacker who goes by the name of LMH.

"With all the hype and buzz about the now infamous Apple wireless device driver bugs … hopefully this will bring some light (better said, proof) about the existence of such flaws in the Airport device drivers," LMH wrote.