Full Disclosure mailing list archives
Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 04 Jun 2009 00:47:35 +1200
Thierry Zoller to Will Drewry:
WD> Here's the (mac) exploit module to go along with my simul-report to WD> apple: http://static.dataspill.org/releases/itunes/itms_overflow.rb OMFG, you must by kidding, are we 1999 again ?? Classical Stack buffer overflow in URL request ?! ..o m f g =) Nice find!
You must be wrong! It's a well-known fact -- just ask any Apple fanboi -- that Macs are invulnerable to security exploits of any kind because they are based on Unix-ish and/or open source code and/or are developed by far cooler _and_ cleverer dudes than anyone who ever worked at MS (or anywhere else for that matter, except NeXT) and/or because Steve (the sun shines out my orifices) Jobs said so... So, now we've established that you are wrong, HTF can anyone at Apple seriously claim their shit is worth bottling given they keep getting caught with such egregiously crappy bugs in their code? And how is it that folk who really should know better keep feeding this line of BS? Oh, that's right, they need to justify the grossly excessive cost of those non-Windows x86 machines they've been buying the last few years... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities dvlabs (Jun 03)
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities Will Drewry (Jun 03)
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities Thierry Zoller (Jun 03)
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities Nick FitzGerald (Jun 03)
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities Thierry Zoller (Jun 03)
- Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities Will Drewry (Jun 03)