The Mac Observer

Skip navigational links

Choose text size: Select small text. Select medium text. Select large text.

DealsOnTheWeb Daily Deal: 16GB iPod Touch: $329 Delivered

QuickTime RTSP Vulnerability Proof-of-concept Surfaces

by , 4:50 PM EST, November 29th, 2007

A few days after a flaw was discovered in the QuickTime handling of the Real Time Streaming Protocol (RTSP), researchers have been able to craft a proof-of-concept exploit, according to Computerworld on Thursday.

"This particular exploit can cause remote code execution through the QuickTime RTSP protocol vulnerability on Microsoft Windows and Apple systems," Symantec said. "This is the first working exploit for Apple systems that we have observed."

The appearance of a proof-of-concept exploit at the site milw0rm.com has be characterized as a "tripwire" by Symantec. "Once we see something in Metasploit, we know it's likely we'll see it used in attacks," Alfred Huger, vice president of engineering with Symantec's security response group said last summer.

The proof-of-concept works on Intel or PPC Macs running Tiger or Leopard with QuickTime 7.2 or 7.3 (It also affects Windows XP SP2.) Symantec explained how it might work along with some preventive measures.

Apple has not yet published a fix.

Observer Comments

Show: Subjects Only | Full Comments
View Name:Guest
Thu Nov 29, 2007 7:02 pm Subject: baloney
Close Name:j.martellaro -   TMO Staff Posts: 76 Joined: 07 Dec 2006
Thu Nov 29, 2007 7:47 pm Subject: Mac vulnerability

From the original CW article, linked in the first paragraph...

"But even though analysts confirmed on Monday that Mac OS X versions of QuickTime 7.2 and later are also vulnerable, it took several more days for other researchers to craft a reliable exploit."

...

"According to the proof-of-concept, the Metasploit module works on Intel- and PowerPC-based Macs running either Mac OS X 10.4 (Tiger) or 10.5 (Leopard). It also executes on PCs running Windows XP SP2."


 Reply | Quote
View Name:Guest
Fri Nov 30, 2007 4:06 am Subject:
Close Name:daemon Posts: 305 Joined: 17 May 2007
Fri Nov 30, 2007 5:13 am Subject:

Another Apple security hole. Where exactly does the "designed for security from the ground up" come into play with Apple's software?


 Reply | Quote
Close Name:JulesLt Posts: 136 Joined: 06 Jul 2005
Fri Nov 30, 2007 9:11 am Subject: Dig Your Own Hole

Quote
daemon wrote:
Another Apple security hole. Where exactly does the "designed for security from the ground up" come into play with Apple's software?


The same way that a car designed for safety can still have faults?? The Unix basis of OS X is fundamentally a better model than classic Mac OS, or Windows. Mac OS system 9 closed the gap considerably, as did XP SP2 and Vista on Windows, but neither of those systems had been designed as a secure networked system in the first place.

Which isn't to defend them in this case - Quicktime seems to be the single most insecure piece of software Apple have produced.


 Reply | Quote
Close Name:Intruder -   TMO Mac Specialist Posts: 2833 Joined: 07 Jul 2004
Fri Nov 30, 2007 10:00 am Subject:

daemon is trolling again.


 Reply | Quote
Close Name:Sir Harry Flashman Posts: 577 Joined: 08 Feb 2007
Fri Nov 30, 2007 10:56 am Subject: It doesn't work in Safari?

Am I reading the article at Symantic correctly that this exploit requires Explorer or FireFox? I didn't see where it affects Safari.


 Reply | Quote
Comment on this Article

Show:   comments per page.   Save Settings
Guest Posts Hidden. View Them.
Back to top  Page 1 of 1    

You cannot edit your comments.   You cannot delete your comments.
Log in | Register | Having Problems? Reset TMO Cookies & Try Again
Username:   Password:   Log me on automatically each visit   

You are not logged in, and this post will appear as "Guest." Log in with your username and password from the TMO forums. If you do not have a username, you can register here.
Please note that guests are limited to including a maximum of two URLs per post.

Post A Comment
  Subject


  Your Comments



Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.

Recent Headlines - Updated Friday, May 9th, 2008

Fri., 6:00 PM
iPO Free on iTunes - Aussie UFOs, StrangeThings, Hometown Tales and More
5:30 PM
StrangeCharm - Fewer Particles, More Debris ( Week of May 5)
4:05 PM
MW: The New Rules for Buying a Mac
3:15 PM
OpenOffice 3.0 beta Released for Mac OS X
1:30 PM
Pogue: Time Capsule is So Simple, Just Ignore It
1:05 PM
C|Net: Why Apple Should Build a Game Console
10:45 AM
Hot Forum Topic - The iPhone's March Across the World
10:20 AM
Mailplane 2 Beta Includes OmniFocus Support
9:45 AM
iPodObserver - Apple Canada Offers $45 Credit in iPod Suit
9:05 AM
Apple Settles Power Adapter Suit
8:05 AM
Microsoft Dissolves Yahoo Proxy Board
7:30 AM
TMO Quick Tip - Tracking Application Updates in Dashboard
 

The Mac Observer Reader Specials

Apple Stock Quote

  • AAPL: $183.45. Change Today: -1.61.
  • (Prices delayed up to 20 minutes.)
  • Discuss in our Apple Finance Board

Hot Topics

What's the buzz? These articles have TMO readers talking.

Apple iTunes

Top Deals From DealsOnTheWeb