Beansec 2 grows by over 100%

Thanks to everyone who came to Beansec 2! I lost track of the number of people around 14 (Hoff says he counted at least 16) but the sheer amount of new faces was awesome. The next Beansec is currently planned for October 25th at the Enormous Room. Don’t forget to add yourself to the mailing list beansec [at] socketpuppet [dot] org. Also for those who were interested in participating in the security vulnerability research project I spoke about feel free to email me directly at oday [at] fas [dot] harvard

BeanSec2 Announcement

an informal meetup of Boston area infosec professionals at the Enormous Room on Sept 27th

Let us know you are coming! mail to: beansec [at] sockpuppet [dot] org

Mac Wireless

More Apple wireless issues documented here although no word as to whether or not it is a hardware or driver issue. Some speculate it is an Intel logic board issue and yet others that it is some type of driver issue. Apple wifi drivers have been coming up a lot recently because of the recent Black Hat presentation.


00002ed0 lwz r0,0x90cc(r2)
00002f00 lwz r0,0x90cc(r2)
00002f30 stw r3,0x90cc(r2)
000062f4 lwz r0,0x90(r2)
00008f78 beq cr7,0x90fc
00008fe4 bne cr7,0x9084
0000900c bne+ cr7,0x9084
0000903c bne+ cr7,0x9084
00009050 bne+ cr7,0x9084
000090bc bne+ cr7,0x90e0
0000f2b4 oris r0,r0,0x9000
0000fa28 addi r1,r1,0x90
0001004c addi r1,r1,0x90
00011494 stw r0,0x90(r30)
000114a8 stw r29,0x90(r30)
00013d54 stw r3,0x90(r29)
0001564c stw r9,0x90(r1)
000156e0 stw r9,0x90(r1)
00015994 addi r4,r4,0x900
000183b4 stw r9,0x90(r1)
000183bc lfd f0,0x90(r1)
00019824 addi r1,r1,0x90
0001b74c addi r1,r1,0x90

Second Life Population

A group of people who only exist in an online simulation.

by Frans Charming

400k users on the front page, I’m 13 days off on my prediction that we would reach it on the end of July. But what does such a number say anyway, if it is constantly redefined as it has been again on the LL blog.

“The number that is currently on our home page is a time-weighted average between “total number of sign ups ever” and “total number of logged in users over the last 60 days”. As of right now, those numbers are 493,563 and 225,028.”

Hi, I’m a Mac

And I can get 0wned just like you PC.

* ImageIO

CVE-ID: CVE-2006-3459, CVE-2006-3461, CVE-2006-3462, CVE-2006-3465

Available for: Mac OS X v10.4.7 Build 8K1079, Mac OS X Server v10.4.7 Build 8K1079

Impact: Viewing a maliciously-crafted TIFF image may lead to an application crash or arbitrary code execution

Description: Buffer overflows were discovered in TIFF tag handling (CVE-2006-3459, CVE-2006-3465), the TIFF PixarLog decoder (CVE-2006-3461), and the TIFF NeXT RLE decoder (CVE-2006-3462). By carefully crafting a corrupt TIFF image, an attacker can trigger a buffer overflow which may lead to an application crash or arbitrary code execution. This update addresses the issue by performing additional validation of TIFF images. Systems prior to Mac OS X v10.4 are affected only by the TIFF NeXT RLE decoder issue (CVE-2006-3462). Credit to Tavis Ormandy, Google Security Team for reporting this issue.

Note:A fifth issue discovered by Tavis Ormandy, CVE-2006-3460, does not affect Mac OS X.

* OpenSSH

CVE-ID: CVE-2006-0393

Available for: Mac OS X v10.4.7 Build 8K1079, Mac OS X Server v10.4.7 Build 8K1079

Impact: When remote login is enabled, remote attackers may cause a denial of service or determine whether an account exists

Description: Attempting to log in to an OpenSSH server (“Remote Login”) using a nonexistent account causes the authentication process to hang. An attacker can exploit this behavior to detect the existence of a particular account. A large number of such attempts may lead to a denial of service. This update addresses the issue by properly handling attempted logins by nonexistent users. This issue does not affect systems prior to Mac OS X v10.4. Credit to Rob Middleton of the Centenary Institute (Sydney, Australia) for reporting this issue.