Full Disclosure mailing list archives

Re: On the iPhone PDF and kernel exploit


From: "Marcello Barnaba (void)" <vjt () openssl it>
Date: Wed, 4 Aug 2010 20:32:04 +0200


On Aug 4, 2010, at 7:56 PM, Pablo Ximenes wrote:

I believe Jailbreakme.com is just resurfacing, as it used to be used back in
the days of the first gen iPhone also for jailbreaking.  So, it's not
exactly the first time this is happening.

Yep, but the attack surface was more wide open at the time: in the 1.x era
applications ran with root privileges (now they run under the "mobile" user)
and there was no sandboxing of user processes (no seatbelt :-).

In a nutshell, it was feasible to exploit a system configured that way with
any remote execution vulnerability, such as the TIFF[1][2] one.

[1]: http://secunia.com/advisories/27213/
[2]: http://support.apple.com/kb/HT2170

~Marcello
-- 
~ marcello.barnaba () gmail com
~ http://www.linkedin.com/in/marcellobarnaba
~ http://sindro.me/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/