The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Secunia Reports Mac OS X FTP Vulnerability

Secunia Reports Mac OS X FTP Vulnerability

by , 12:40 PM EST, December 5th, 2006

The security firm Secunia is reporting that it has uncovered a buffer overflow vulnerability in Mac OS X's ftpd function. The report states that if a system is compromised with this exploit, an attacker could potentially execute arbitrary code on the machine or launch a denial of service attack.

The vulnerability affects Mac OS X 10.3.9 and 10.4.8, but other version of the operating system may be vulnerable, too.

The FTP sharing service built into Mac OS X is disabled by default. If you aren't sure if it is running on your Mac, here's how to check:

  • Go to Apple menu > System Preferences to launch System Preferences.
  • Select the Sharing Preference Pane.

  • Disable FTP Access.
  • Click the Services tab.
  • Make sure that FTP Access is unchecked.

This potential exploit assumes that your Mac is visible to other computers on your network, or on the Internet. If you use a properly configured firewall to block your visibility on the Internet, it's unlikely that anyone outside of your local network will be able to find your Mac to attempt an attack.

There are no known reports of this exploit being used.

Digg!

Recent TMO Headlines - Updated May 27th

Thu, 3:58 PM
Rumors Circulate of iCloud Time Machine for Mac & New AirPort Routers, Though There May be Obstacles
Thu, 2:55 PM
State Privacy Legislation Getting Input from Tech Lobbyists to Push Weaker Protections
Thu, 2:05 PM
Microsoft’s Psychonauts 2 Available Now on Mac
Thu, 1:45 PM
Live-Action 'Speed Racer' Produced by J.J. Abrams Soon to Cross Finish Line for Apple TV+
Thu, 1:29 PM
Smart Lighting by Twinkly: Innovative and Fun
Thu, 1:23 PM
Apple's WWDC22 Kicks Off June 6 with Keynote--Here's What to Expect
Thu, 10:40 AM
How to Add Your Apple Account Card to Wallet
Thu, 9:15 AM
Apple Keeps 2022 iPhone Production Target At 220M, 20M Less Than Original Forecast
Thu, 9:02 AM
Apple To Increase Salary of U.S. Retail Store Workers, As Retail Chief Dissuades Workers From Unionizing in a Leaked Video
Thu, 4:45 AM
In-App Account Deletion Gets A New Deadline, Developers Have Until June 30 To Update Their Apps
Thu, 4:40 AM
iPhone SOS Feature Saved A Woman From Getting Assaulted By A Man Who Asked For Help Finding His iPhone
Thu, 4:27 AM
Apple’s Mixed Reality Headset May Not be Standalone After All
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Daily Observations
  • TMO on Twitter!